From: "Bjørn Mork" <bjorn-yOkvZcmFvRU@public.gmane.org>
To: "Emilio López" <emilio.lopez-ZGY8ohtN/8pPYcu2f3hruQ@public.gmane.org>
Cc: gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org,
stern-nwvwT67g6+6dFdvTe/nMLpVzexx5G7lz@public.gmane.org,
kborer-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org,
k.opasiak-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org,
reillyg-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org,
keescook-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org,
linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-usb-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
jorgelo-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org,
dan.carpenter-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org
Subject: Re: [PATCH v2] usb: devio: Add ioctl to disallow detaching kernel USB drivers.
Date: Fri, 22 Jan 2016 10:41:11 +0100 [thread overview]
Message-ID: <8760ymdk94.fsf@nemi.mork.no> (raw)
In-Reply-To: <1453420476-26125-1-git-send-email-emilio.lopez-ZGY8ohtN/8pPYcu2f3hruQ@public.gmane.org> ("Emilio López"'s message of "Thu, 21 Jan 2016 20:54:36 -0300")
Emilio López <emilio.lopez-ZGY8ohtN/8pPYcu2f3hruQ@public.gmane.org> writes:
> diff --git a/drivers/usb/core/devio.c b/drivers/usb/core/devio.c
> index 38ae877c..bf40aa6 100644
> --- a/drivers/usb/core/devio.c
> +++ b/drivers/usb/core/devio.c
> @@ -77,6 +77,8 @@ struct usb_dev_state {
> unsigned long ifclaimed;
> u32 secid;
> u32 disabled_bulk_eps;
> + bool privileges_dropped;
> + unsigned long interface_allowed_mask;
> };
>
> struct async {
> @@ -641,6 +643,14 @@ static int claimintf(struct usb_dev_state *ps, unsigned int ifnum)
> if (test_bit(ifnum, &ps->ifclaimed))
> return 0;
>
> + if (ps->privileges_dropped) {
> + if (ifnum >= 8*sizeof(ps->interface_allowed_mask))
> + return -EINVAL;
I don't think you need this runtime test. You can just make sure that
sizeof(ps->interface_allowed_mask) == sizeof(ps->ifclaimed) at build
time.
I do find this variable and arbitrary limit a bit confusing, but that's
not your fault - I guess it is an indication that ifnums > 31 are rare
:)
> diff --git a/include/uapi/linux/usbdevice_fs.h b/include/uapi/linux/usbdevice_fs.h
> index 019ba1e..9abcb34 100644
> --- a/include/uapi/linux/usbdevice_fs.h
> +++ b/include/uapi/linux/usbdevice_fs.h
> @@ -154,6 +154,10 @@ struct usbdevfs_streams {
> unsigned char eps[0];
> };
>
> +struct usbdevfs_drop_privs {
> + unsigned long interface_allowed_mask;
> +};
> +
"unsigned long" isn't a very good choice here, is it?
Bjørn
--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
WARNING: multiple messages have this Message-ID (diff)
From: "Bjørn Mork" <bjorn@mork.no>
To: "Emilio López" <emilio.lopez@collabora.co.uk>
Cc: gregkh@linuxfoundation.org, stern@rowland.harvard.edu,
kborer@gmail.com, k.opasiak@samsung.com, reillyg@chromium.org,
keescook@chromium.org, linux-api@vger.kernel.org,
linux-usb@vger.kernel.org, linux-kernel@vger.kernel.org,
jorgelo@chromium.org, dan.carpenter@oracle.com
Subject: Re: [PATCH v2] usb: devio: Add ioctl to disallow detaching kernel USB drivers.
Date: Fri, 22 Jan 2016 10:41:11 +0100 [thread overview]
Message-ID: <8760ymdk94.fsf@nemi.mork.no> (raw)
In-Reply-To: <1453420476-26125-1-git-send-email-emilio.lopez@collabora.co.uk> ("Emilio López"'s message of "Thu, 21 Jan 2016 20:54:36 -0300")
Emilio López <emilio.lopez@collabora.co.uk> writes:
> diff --git a/drivers/usb/core/devio.c b/drivers/usb/core/devio.c
> index 38ae877c..bf40aa6 100644
> --- a/drivers/usb/core/devio.c
> +++ b/drivers/usb/core/devio.c
> @@ -77,6 +77,8 @@ struct usb_dev_state {
> unsigned long ifclaimed;
> u32 secid;
> u32 disabled_bulk_eps;
> + bool privileges_dropped;
> + unsigned long interface_allowed_mask;
> };
>
> struct async {
> @@ -641,6 +643,14 @@ static int claimintf(struct usb_dev_state *ps, unsigned int ifnum)
> if (test_bit(ifnum, &ps->ifclaimed))
> return 0;
>
> + if (ps->privileges_dropped) {
> + if (ifnum >= 8*sizeof(ps->interface_allowed_mask))
> + return -EINVAL;
I don't think you need this runtime test. You can just make sure that
sizeof(ps->interface_allowed_mask) == sizeof(ps->ifclaimed) at build
time.
I do find this variable and arbitrary limit a bit confusing, but that's
not your fault - I guess it is an indication that ifnums > 31 are rare
:)
> diff --git a/include/uapi/linux/usbdevice_fs.h b/include/uapi/linux/usbdevice_fs.h
> index 019ba1e..9abcb34 100644
> --- a/include/uapi/linux/usbdevice_fs.h
> +++ b/include/uapi/linux/usbdevice_fs.h
> @@ -154,6 +154,10 @@ struct usbdevfs_streams {
> unsigned char eps[0];
> };
>
> +struct usbdevfs_drop_privs {
> + unsigned long interface_allowed_mask;
> +};
> +
"unsigned long" isn't a very good choice here, is it?
Bjørn
next prev parent reply other threads:[~2016-01-22 9:41 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-25 15:45 [PATCH v1 0/1] ioctl to disallow detaching kernel USB drivers Emilio López
2015-11-25 15:45 ` Emilio López
2015-11-25 15:45 ` [PATCH v1] usb: devio: Add " Emilio López
2015-11-26 8:59 ` Peter Chen
2015-11-26 8:59 ` Peter Chen
2015-11-26 9:20 ` Dan Carpenter
[not found] ` <1448466334-21346-1-git-send-email-emilio.lopez-ZGY8ohtN/8pPYcu2f3hruQ@public.gmane.org>
2015-11-26 9:19 ` [PATCH v1 0/1] " Krzysztof Opasiak
2015-11-26 9:19 ` Krzysztof Opasiak
2015-11-26 17:29 ` Greg KH
[not found] ` <20151126172914.GA8671-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2015-11-27 8:44 ` Krzysztof Opasiak
2015-11-27 8:44 ` Krzysztof Opasiak
[not found] ` <565817FD.3090409-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2015-11-28 2:39 ` Greg KH
2015-11-28 2:39 ` Greg KH
[not found] ` <20151128023925.GA5177-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2015-11-30 9:08 ` Oliver Neukum
2015-11-30 9:08 ` Oliver Neukum
2015-11-30 16:16 ` Alan Stern
[not found] ` <Pine.LNX.4.44L0.1511301113120.1938-100000-IYeN2dnnYyZXsRXLowluHWD2FQJk+8+b@public.gmane.org>
2015-11-30 17:12 ` Krzysztof Opasiak
2015-11-30 17:12 ` Krzysztof Opasiak
[not found] ` <565C8376.6070505-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2015-11-30 17:20 ` Greg KH
2015-11-30 17:20 ` Greg KH
[not found] ` <20151130172028.GA1088-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2015-11-30 18:48 ` Krzysztof Opasiak
2015-11-30 18:48 ` Krzysztof Opasiak
[not found] ` <565C9A18.6000006-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2016-01-19 16:39 ` Emilio López
2016-01-19 16:39 ` Emilio López
[not found] ` <569E66DF.3050004-ZGY8ohtN/8pPYcu2f3hruQ@public.gmane.org>
2016-01-19 18:07 ` Greg KH
2016-01-19 18:07 ` Greg KH
[not found] ` <20160119180752.GA10487-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2016-01-21 23:54 ` [PATCH v2] usb: devio: Add " Emilio López
2016-01-21 23:54 ` Emilio López
[not found] ` <1453420476-26125-1-git-send-email-emilio.lopez-ZGY8ohtN/8pPYcu2f3hruQ@public.gmane.org>
2016-01-22 9:41 ` Bjørn Mork [this message]
2016-01-22 9:41 ` Bjørn Mork
[not found] ` <8760ymdk94.fsf-lbf33ChDnrE/G1V5fR+Y7Q@public.gmane.org>
2016-01-25 1:40 ` Emilio López
2016-01-25 1:40 ` Emilio López
2016-01-25 8:39 ` Bjørn Mork
[not found] ` <87powqrr1s.fsf-lbf33ChDnrE/G1V5fR+Y7Q@public.gmane.org>
2016-01-25 15:21 ` Alan Stern
2016-01-25 15:21 ` Alan Stern
[not found] ` <Pine.LNX.4.44L0.1601251016490.1849-100000-IYeN2dnnYyZXsRXLowluHWD2FQJk+8+b@public.gmane.org>
2016-01-25 15:32 ` Bjørn Mork
2016-01-25 15:32 ` Bjørn Mork
[not found] ` <8737tln08x.fsf-lbf33ChDnrE/G1V5fR+Y7Q@public.gmane.org>
2016-01-25 15:46 ` Alan Stern
2016-01-25 15:46 ` Alan Stern
2016-01-22 16:10 ` Alan Stern
2016-01-22 16:10 ` Alan Stern
2016-01-25 2:01 ` Emilio López
2016-02-04 3:20 ` [PATCH v3] " Emilio López
2016-02-04 3:20 ` Emilio López
[not found] ` <1454556057-18956-1-git-send-email-emilio.lopez-ZGY8ohtN/8pPYcu2f3hruQ@public.gmane.org>
2016-02-04 3:46 ` Greg KH
2016-02-04 3:46 ` Greg KH
2016-02-15 1:41 ` [PATCH v4] " Emilio López
2016-02-15 1:41 ` Emilio López
[not found] ` <1455500516-21590-1-git-send-email-emilio.lopez-ZGY8ohtN/8pPYcu2f3hruQ@public.gmane.org>
2016-02-18 18:44 ` Alan Stern
2016-02-18 18:44 ` Alan Stern
2016-02-04 16:27 ` [PATCH v3] " Alan Stern
2016-02-04 16:27 ` Alan Stern
[not found] ` <Pine.LNX.4.44L0.1602041122340.1515-100000-IYeN2dnnYyZXsRXLowluHWD2FQJk+8+b@public.gmane.org>
2016-02-08 1:56 ` Emilio López
2016-02-08 1:56 ` Emilio López
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8760ymdk94.fsf@nemi.mork.no \
--to=bjorn-yokvzcmfvru@public.gmane.org \
--cc=dan.carpenter-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org \
--cc=emilio.lopez-ZGY8ohtN/8pPYcu2f3hruQ@public.gmane.org \
--cc=gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org \
--cc=jorgelo-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org \
--cc=k.opasiak-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org \
--cc=kborer-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
--cc=keescook-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org \
--cc=linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-usb-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=reillyg-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org \
--cc=stern-nwvwT67g6+6dFdvTe/nMLpVzexx5G7lz@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.