Skip to content

Commit

Permalink
checkpatch: match more world writable permissions
Browse files Browse the repository at this point in the history 
Currently checkpatch will fuss if one uses world writable settings in
debugfs files and DEVICE_ATTR uses by testing S_IWUGO but not testing
S_IWOTH, S_IRWXUGO or S_IALLUGO.

Extend the check to catch all cases exporting world writable permissions
including octal values.

[akpm@linux-foundation.org: remove stray $]
Signed-off-by: Joe Perches <joe@perches.com>
Original-patch-by: Nicholas Mc Guire <hofrat@osadl.org>
Cc: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
  • Loading branch information
Joe Perches authored and Linus Torvalds committed Apr 17, 2015
1 parent ebfd7d6 commit b392c64
Showing 1 changed file with 10 additions and 2 deletions.
12 changes: 10 additions & 2 deletions scripts/checkpatch.pl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -443,6 +443,14 @@ sub hash_show_words {
$mode_perms_search .= $entry->[0];
}

our $mode_perms_world_writable = qr{
S_IWUGO |
S_IWOTH |
S_IRWXUGO |
S_IALLUGO |
0[0-7][0-7][2367]
}x;

our $allowed_asm_includes = qr{(?x:
irq|
memory|
Expand Down Expand Up @@ -5356,8 +5364,8 @@ sub process {
}
}

if ($line =~ /debugfs_create_file.*S_IWUGO/ ||
$line =~ /DEVICE_ATTR.*S_IWUGO/ ) {
if ($line =~ /debugfs_create_\w+.*\b$mode_perms_world_writable\b/ ||
$line =~ /DEVICE_ATTR.*\b$mode_perms_world_writable\b/) {
WARN("EXPORTED_WORLD_WRITABLE",
"Exporting world writable files is usually an error. Consider more restrictive permissions.\n" . $herecurr);
}
Expand Down

0 comments on commit b392c64

Please sign in to comment.