From: Thomas Gleixner <tglx@linutronix.de>
To: Wojtek Wasko <wwasko@nvidia.com>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>
Cc: "richardcochran@gmail.com" <richardcochran@gmail.com>,
"vadim.fedorenko@linux.dev" <vadim.fedorenko@linux.dev>,
"kuba@kernel.org" <kuba@kernel.org>,
"horms@kernel.org" <horms@kernel.org>,
"anna-maria@linutronix.de" <anna-maria@linutronix.de>,
"frederic@kernel.org" <frederic@kernel.org>,
"pabeni@redhat.com" <pabeni@redhat.com>
Subject: RE: [PATCH net-next v3 2/3] ptp: Add file permission checks on PHCs
Date: Thu, 20 Feb 2025 13:53:00 +0100
Message-ID: <87msegixqr.ffs@tglx>
In-Reply-To: <DM4PR12MB855850D05B3332C4DDA0D76CBEFA2@DM4PR12MB8558.namprd12.prod.outlook.com>
On Wed, Feb 19 2025 at 09:45, Wojtek Wasko wrote:
> On Mon, Feb 17 2025 at 21:24, Thomas Gleixner wrote:
>> > One limitation
>> > remains: querying the adjusted frequency of a PTP device (using
>> > adjtime() with an empty modes field) is not supported for chardevs
>> > opened without WRITE permissions, as the POSIX layer mandates WRITE
>> > access for any adjtime operation.
>>
>> That's a fixable problem, no?
>
> Absolutely, but to be honest I wasn't sure about how to properly change
> the access check in adjtime given it's a "generic" API. I ended up with
> something along the lines of:
>
> if (tx->modes & ~(ADJ_NANO | ADJ_MICRO))
> /* require WRITE */
>
> being that ADJ_NANO and ADJ_MICRO by themselves don't mean the clock will
> be modified. So the modes field is not really "empty" per se and the check
> becomes less self-explanatory.

ADJ_NANO and ADJ_MICRO modify the internal status. A read only operation
has to have tx->modes == 0 and the result will be served in the
NANO/MICRO representation which was set by the control application which
can write.

adjtimex(2) is clearly saying:

  "The modes field determines which parameters, if any, to set."

Consequently modes != 0 requires CAP_SYS_TIME, while modes == 0 is
unprivileged. So requiring WRITE for the FD based posix clocks is not
asked too much.

Thanks,
tglx
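
Added illustration, not part of the message, the patch series or the kernel: a userspace model that contrasts the two access rules discussed above for a PHC file descriptor opened read-only. The names `needs_write_strict`, `needs_write_masked`, `adjtime_gate` and the -1 return value are hypothetical, and the `modes` samples are constructed; only the ADJ_* constants come from `<sys/timex.h>`.

```c
/* Added example: userspace model of the access decision, not kernel code. */
#include <stdbool.h>
#include <stdio.h>
#include <sys/timex.h>  /* ADJ_* mode bits */

/* Rule from the reply: only modes == 0 is a read-only query. */
static bool needs_write_strict(unsigned int modes)
{
    return modes != 0;
}

/* Check sketched in the quoted message: ADJ_NANO/ADJ_MICRO alone pass as reads. */
static bool needs_write_masked(unsigned int modes)
{
    return (modes & ~(unsigned int)(ADJ_NANO | ADJ_MICRO)) != 0;
}

/* Hypothetical gate: 0 = allowed, -1 = refused because the fd lacks WRITE. */
static int adjtime_gate(bool fd_writable, unsigned int modes,
                        bool (*needs_write)(unsigned int))
{
    return (needs_write(modes) && !fd_writable) ? -1 : 0;
}

/* Constructed sample of modes values a caller might pass. */
static const unsigned int sample_modes[] = {
    0, ADJ_NANO, ADJ_MICRO, ADJ_FREQUENCY, ADJ_SETOFFSET | ADJ_NANO,
};
#define N_SAMPLES (sizeof(sample_modes) / sizeof(sample_modes[0]))

/* Number of samples where a read-only fd is treated differently by the two rules. */
static int count_disagreements(void)
{
    int n = 0;
    for (size_t i = 0; i < N_SAMPLES; i++)
        if (adjtime_gate(false, sample_modes[i], needs_write_strict) !=
            adjtime_gate(false, sample_modes[i], needs_write_masked))
            n++;
    return n;
}

int main(void)
{
    for (size_t i = 0; i < N_SAMPLES; i++)
        printf("modes=0x%04x  read-only fd: strict=%d masked=%d\n", sample_modes[i],
               adjtime_gate(false, sample_modes[i], needs_write_strict),
               adjtime_gate(false, sample_modes[i], needs_write_masked));
    printf("disagreements: %d\n", count_disagreements());
    return 0;
}
```

The two rules differ only for `ADJ_NANO` and `ADJ_MICRO` passed on their own: the masked check would let a read-only descriptor through, while the `modes == 0` rule refuses it.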