From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Dmitry Torokhov <dtor@chromium.org>
Cc: devel@driverdev.osuosl.org, toddpoynor@gmail.com,
frankhu@chromium.org, jnjoseph@google.com,
lkml <linux-kernel@vger.kernel.org>,
Simon Que <sque@chromium.org>,
rspringer@google.com, Guenter Roeck <groeck@chromium.org>,
toddpoynor@google.com
Subject: Re: [PATCH 11/18] staging: gasket: always allow root open for write
Date: Sun, 15 Jul 2018 11:32:16 +0200 [thread overview]
Message-ID: <20180715093216.GA16003@kroah.com> (raw)
In-Reply-To: <CAE_wzQ_YosCJro46uuF1v6TQhVaTaXLdiLVD7gb94BwQx00SuQ@mail.gmail.com>
On Sun, Jul 15, 2018 at 12:11:47PM +0300, Dmitry Torokhov wrote:
> On Sun, Jul 15, 2018 at 12:05 PM Greg Kroah-Hartman
> <gregkh@linuxfoundation.org> wrote:
> >
> > On Fri, Jul 13, 2018 at 10:58:09PM -0700, Todd Poynor wrote:
> > > From: Todd Poynor <toddpoynor@google.com>
> > >
> > > Always allow root to open device for writing.
> > >
> > > Drop special-casing of ioctl permissions for root vs. owner.
> > >
> > > Reported-by: Dmitry Torokhov <dtor@chromium.org>
> > > Signed-off-by: Zhongze Hu <frankhu@chromium.org>
> > > Signed-off-by: Todd Poynor <toddpoynor@google.com>
> > > ---
> > > drivers/staging/gasket/apex_driver.c | 9 +++------
> > > drivers/staging/gasket/gasket_core.c | 8 +++++---
> > > drivers/staging/gasket/gasket_ioctl.c | 15 ++++++---------
> > > 3 files changed, 14 insertions(+), 18 deletions(-)
> > >
> > > diff --git a/drivers/staging/gasket/apex_driver.c b/drivers/staging/gasket/apex_driver.c
> > > index b1318482ba65..ffe11d8168ea 100644
> > > --- a/drivers/staging/gasket/apex_driver.c
> > > +++ b/drivers/staging/gasket/apex_driver.c
> > > @@ -644,13 +644,10 @@ static bool is_gcb_in_reset(struct gasket_dev *gasket_dev)
> > > static uint apex_ioctl_check_permissions(struct file *filp, uint cmd)
> > > {
> > > struct gasket_dev *gasket_dev = filp->private_data;
> > > - int root = capable(CAP_SYS_ADMIN);
> > > - int is_owner = gasket_dev->dev_info.ownership.is_owned &&
> > > - current->tgid == gasket_dev->dev_info.ownership.owner;
> > > + fmode_t write;
> > >
> > > - if (root || is_owner)
> > > - return 1;
> > > - return 0;
> > > + write = filp->f_mode & FMODE_WRITE;
> >
> > Ok, this is insane. You don't change, or check, the permissions on a
> > file handle while it is already open, as you only check the permissions
> > on OPEN, not on WRITE. See the recent rant from Linus on the linux-api
> > list for yet-another-long-threaad in which he explains this.
> >
> > So this whole ioctl can just be removed, it is totally crazy and wrong
> > and should just be removed.
>
> No, the code checks whether the requested ioctl command is compatible
> with the mode the file handle was open with. There are some ioctls
> that are allowed on file handle opened for read and others that
> require file handle to be opened for write. That is all. It does not
> change permissions past open.
That's really not obvious here :)
And is odd on a whole other set of "crazy design", but ok, let's let it
live for now.
I can't wait for people to just realize this whole "new" subsystem can
be replaced with UIO, but that's a topic for a different thread...
thanks,
greg k-h
next prev parent reply other threads:[~2018-07-15 9:32 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-07-14 5:57 [PATCH 00/18] staging: gasket: sundry fixes and fixups Todd Poynor
2018-07-14 5:57 ` [PATCH 01/18] staging: gasket: remove X86 Kconfig restriction Todd Poynor
2018-07-14 5:58 ` [PATCH 02/18] MAINTAINERS: Add maintainer for drivers/staging/gasket Todd Poynor
2018-07-14 6:28 ` Greg Kroah-Hartman
2018-07-14 5:58 ` [PATCH 03/18] staging: gasket: typo and whitespace cleanups Todd Poynor
2018-07-14 6:31 ` Greg Kroah-Hartman
2018-07-14 5:58 ` [PATCH 04/18] staging: gasket: device registration error and unregister fixups Todd Poynor
2018-07-16 13:53 ` Dan Carpenter
2018-07-16 21:15 ` Todd Poynor
2018-07-14 5:58 ` [PATCH 05/18] staging: gasket: sysfs mapping creation fixups Todd Poynor
2018-07-14 6:32 ` Greg Kroah-Hartman
2018-07-16 21:14 ` Todd Poynor
2018-07-17 6:55 ` Greg Kroah-Hartman
2018-07-14 5:58 ` [PATCH 06/18] staging: gasket: fix deadlock in pci driver unregister path Todd Poynor
2018-07-14 6:36 ` Greg Kroah-Hartman
2018-07-14 8:07 ` Dmitry Torokhov
2018-07-14 12:57 ` Greg Kroah-Hartman
2018-07-16 21:16 ` Todd Poynor
2018-07-14 5:58 ` [PATCH 07/18] staging: gasket: convert gasket_mmap_has_permissions to bool return Todd Poynor
2018-07-14 5:58 ` [PATCH 08/18] staging: gasket: gasket_wait_with_reschedule fixups Todd Poynor
2018-07-14 6:33 ` Greg Kroah-Hartman
2018-07-14 5:58 ` [PATCH 09/18] staging: gasket: bail out of reset sequence on device callback error Todd Poynor
2018-07-14 5:58 ` [PATCH 10/18] staging: gasket: gasket_open use container_of() Todd Poynor
2018-07-14 8:15 ` Dmitry Torokhov
2018-07-16 21:18 ` Todd Poynor
2018-07-14 5:58 ` [PATCH 11/18] staging: gasket: always allow root open for write Todd Poynor
2018-07-14 8:25 ` Dmitry Torokhov
2018-07-16 21:22 ` Todd Poynor
2018-07-15 9:05 ` Greg Kroah-Hartman
2018-07-15 9:11 ` Dmitry Torokhov
2018-07-15 9:32 ` Greg Kroah-Hartman [this message]
2018-07-15 9:53 ` Dmitry Torokhov
2018-07-15 10:03 ` Greg Kroah-Hartman
2018-07-15 18:15 ` Todd Poynor
2018-07-15 19:41 ` Greg Kroah-Hartman
2018-07-16 21:26 ` Todd Poynor
2018-07-14 5:58 ` [PATCH 12/18] staging: gasket: annotate ioctl arg with __user Todd Poynor
2018-07-14 6:35 ` Greg Kroah-Hartman
[not found] ` <CAO3upobyf9JpKLSoSPeVfNGOh6R0cud=hT+bhA=U2kNkGEJ-aw@mail.gmail.com>
2018-07-14 7:44 ` Greg Kroah-Hartman
2018-07-14 19:20 ` Todd Poynor
2018-07-15 9:00 ` Greg Kroah-Hartman
2018-07-15 17:38 ` Todd Poynor
2018-07-14 5:58 ` [PATCH 13/18] staging: gasket: gasket_enable_dev fixups Todd Poynor
2018-07-14 6:39 ` Greg Kroah-Hartman
2018-07-16 21:28 ` Todd Poynor
2018-07-14 5:58 ` [PATCH 14/18] staging: gasket: fix class create bug handling Todd Poynor
2018-07-14 8:16 ` Dmitry Torokhov
2018-07-14 5:58 ` [PATCH 15/18] staging: gasket: remove unnecessary code in coherent allocator Todd Poynor
2018-07-14 5:58 ` [PATCH 16/18] staging: gasket: gasket core error handling fixups Todd Poynor
2018-07-14 5:58 ` [PATCH 17/18] staging: gasket: don't release coherent mappings Todd Poynor
2018-07-14 5:58 ` [PATCH 18/18] staging: gasket: various cleanups Todd Poynor
2018-07-14 6:30 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180715093216.GA16003@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=devel@driverdev.osuosl.org \
--cc=dtor@chromium.org \
--cc=frankhu@chromium.org \
--cc=groeck@chromium.org \
--cc=jnjoseph@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=rspringer@google.com \
--cc=sque@chromium.org \
--cc=toddpoynor@gmail.com \
--cc=toddpoynor@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.