Re: [PATCH v11 2/2] binder: report txn errors via generic netlink

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Carlos Llamas <cmllamas@google.com>
To: Li Li <dualli@chromium.org>
Cc: dualli@google.com, corbet@lwn.net, davem@davemloft.net,
	edumazet@google.com, kuba@kernel.org, pabeni@redhat.com,
	donald.hunter@gmail.com, gregkh@linuxfoundation.org,
	arve@android.com, tkjos@android.com, maco@android.com,
	joel@joelfernandes.org, brauner@kernel.org, surenb@google.com,
	arnd@arndb.de, masahiroy@kernel.org, bagasdotme@gmail.com,
	horms@kernel.org, linux-kernel@vger.kernel.org,
	linux-doc@vger.kernel.org, netdev@vger.kernel.org,
	hridya@google.com, smoreland@google.com, kernel-team@android.com
Subject: Re: [PATCH v11 2/2] binder: report txn errors via generic netlink
Date: Wed, 8 Jan 2025 21:59:49 +0000	[thread overview]
Message-ID: <Z371VdHmZ3FVdrEI@google.com> (raw)
In-Reply-To: <CANBPYPhEKuxZobTVTGj-BOpKEK+XXv-_C-BuekJDB2CerUn3LA@mail.gmail.com>

On Wed, Jan 08, 2025 at 11:56:35AM -0800, Li Li wrote:
> This is a valid concern. Adding GENL_ADMIN_PERM should be enough to solve it.

Right! That seems to ask the genl stack to check for CAP_NET_ADMIN:

  if ((op.flags & GENL_ADMIN_PERM) &&
      !netlink_capable(skb, CAP_NET_ADMIN))
          return -EPERM;

... which is a much better option and we could drop the portid check to
validate permissions. Something like the following (untested)?

diff --git a/Documentation/netlink/specs/binder.yaml b/Documentation/netlink/specs/binder.yaml
index 23f26c83a7c9..a0ef31cba666 100644
--- a/Documentation/netlink/specs/binder.yaml
+++ b/Documentation/netlink/specs/binder.yaml
@@ -81,6 +81,7 @@ operations:
       name: report-setup
       doc: Set flags from user space.
       attribute-set: cmd
+      flags: [ admin-perm ]

       do:
         request: &params
diff --git a/drivers/android/binder.c b/drivers/android/binder.c
index 536be42c531e..f6791f5f231a 100644
--- a/drivers/android/binder.c
+++ b/drivers/android/binder.c
@@ -6500,13 +6500,6 @@ int binder_nl_report_setup_doit(struct sk_buff *skb, struct genl_info *info)
 	pid = nla_get_u32(info->attrs[BINDER_A_CMD_PID]);
 	flags = nla_get_u32(info->attrs[BINDER_A_CMD_FLAGS]);

-	if (context->report_portid && context->report_portid != portid) {
-		NL_SET_ERR_MSG_FMT(info->extack,
-				   "No permission to set flags from %d",
-				   portid);
-		return -EPERM;
-	}
-
	if (!pid) {
		/* Set the global flags for the whole binder context */
		context->report_flags = flags;
diff --git a/drivers/android/binder_netlink.c b/drivers/android/binder_netlink.c
index ea008f4f3635..6b3d93ff7c5d 100644
--- a/drivers/android/binder_netlink.c
+++ b/drivers/android/binder_netlink.c
@@ -24,7 +24,7 @@ static const struct genl_split_ops binder_nl_ops[] = {
 		.doit		= binder_nl_report_setup_doit,
 		.policy		= binder_report_setup_nl_policy,
 		.maxattr	= BINDER_A_CMD_FLAGS,
-		.flags		= GENL_CMD_CAP_DO,
+		.flags		= GENL_ADMIN_PERM | GENL_CMD_CAP_DO,
 	},
 };

next prev parent reply	other threads:[~2025-01-08 21:59 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-12-18 20:37 [PATCH v11 0/2] binder: report txn errors via generic netlink Li Li
2024-12-18 20:37 ` [PATCH v11 1/2] binderfs: add new binder devices to binder_devices Li Li
2024-12-18 20:37 ` [PATCH v11 2/2] binder: report txn errors via generic netlink Li Li
2025-01-07 21:29   ` Carlos Llamas
2025-01-07 21:41     ` Carlos Llamas
2025-01-08  0:00       ` Li Li
2025-01-08 19:07         ` Carlos Llamas
2025-01-08 19:56           ` Li Li
2025-01-08 21:59             ` Carlos Llamas [this message]
2025-01-09 18:51         ` Carlos Llamas
2025-01-09 19:30           ` Carlos Llamas
2025-01-09 19:48             ` Li Li
2025-01-09 20:13               ` Jakub Kicinski
2025-01-09 23:19                 ` Carlos Llamas
2025-01-10  0:18                   ` Jakub Kicinski
2025-01-14  6:01                     ` Li Li
2025-01-14 18:32                       ` Jakub Kicinski

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:23f26c83a7c dfblob:a0ef31cba66 dfblob:536be42c531
dfblob:f6791f5f231 dfblob:ea008f4f363 dfblob:6b3d93ff7c5 )
 OR (
bs:"Re: [PATCH v11 2/2] binder: report txn errors via generic netlink" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Z371VdHmZ3FVdrEI@google.com \
    --to=cmllamas@google.com \
    --cc=arnd@arndb.de \
    --cc=arve@android.com \
    --cc=bagasdotme@gmail.com \
    --cc=brauner@kernel.org \
    --cc=corbet@lwn.net \
    --cc=davem@davemloft.net \
    --cc=donald.hunter@gmail.com \
    --cc=dualli@chromium.org \
    --cc=dualli@google.com \
    --cc=edumazet@google.com \
    --cc=gregkh@linuxfoundation.org \
    --cc=horms@kernel.org \
    --cc=hridya@google.com \
    --cc=joel@joelfernandes.org \
    --cc=kernel-team@android.com \
    --cc=kuba@kernel.org \
    --cc=linux-doc@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=maco@android.com \
    --cc=masahiroy@kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=pabeni@redhat.com \
    --cc=smoreland@google.com \
    --cc=surenb@google.com \
    --cc=tkjos@android.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.