From: Aristeu Rozanski <aris-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
To: Tejun Heo <tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
Cc: cgroups-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
Li Zefan <lizefan-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>,
Serge Hallyn
<serge.hallyn-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>
Subject: Re: [PATCH] device_cgroup: do not use rule acceptance function to validate access
Date: Mon, 14 Apr 2014 14:16:12 -0400 [thread overview]
Message-ID: <20140414181611.GU29214@redhat.com> (raw)
In-Reply-To: <20140414180323.GC15249-Gd/HAXX7CRxy/B6EtB590w@public.gmane.org>
Hi Tejun,
On Mon, Apr 14, 2014 at 02:03:23PM -0400, Tejun Heo wrote:
> On Mon, Apr 14, 2014 at 10:47:54AM -0400, Aristeu Rozanski wrote:
> > may_access() is currently used to validate both new exceptions from children
> > groups and to check if an access is allowed. This not only makes it hard to
> > understand and maintain, but it's also incorrect.
> >
> > It currently allows one to:
> >
> > # mkdir new_group
> > # cd new_group
> > # echo $$ >tasks
> > # echo "c 1:3 w" >devices.deny
> > # echo >/dev/null
> > # echo $?
> > 0
>
> It'd be nice to explain how this is broken and why the code paths
> can't be shared.
ok
> > This patch implements the device file access check separately and fixes
> > the issue.
> >
> > This is broken since c39a2a3018f8065cb5ea38b0314c1bbedb2cfa0d
>
> Please use 12-digits-of-SHA1 ("Subject of the patch") format.
ok
> > After review, this should be considered for stable series.
> >
> > Signed-off-by: Aristeu Rozanski <aris-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
>
> Can you please cc stable on the next posting?
ok
> > - rc = may_access(dev_cgroup, &ex, dev_cgroup->behavior);
> > + behavior = dev_cgroup->behavior;
> > + list_for_each_entry_rcu(ex, &dev_cgroup->exceptions, list) {
> > + if (type == DEV_BLOCK && !(ex->type & DEV_BLOCK))
> > + continue;
> > + if (type == DEV_CHAR && !(ex->type & DEV_CHAR))
> > + continue;
> > + if (ex->major != ~0 && major != ex->major)
> > + continue;
> > + if (ex->minor != ~0 && minor != ex->minor)
> > + continue;
> > + if (access & (~ex->access))
> > + continue;
> > + match = true;
> > + break;
>
> Can't we at least factor out the above part and share it between the
> two functions?
ok
> Currently, there's a lot of duplication in rather
> delicate code and it's not clear where they differ and why.
Are you referring to the duplication in this patch or other areas too?
--
Aristeu
next prev parent reply other threads:[~2014-04-14 18:16 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-04-14 14:47 [PATCH] device_cgroup: do not use rule acceptance function to validate access Aristeu Rozanski
[not found] ` <20140414144736.GS29214-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2014-04-14 18:03 ` Tejun Heo
[not found] ` <20140414180323.GC15249-Gd/HAXX7CRxy/B6EtB590w@public.gmane.org>
2014-04-14 18:16 ` Aristeu Rozanski [this message]
[not found] ` <20140414181611.GU29214-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2014-04-14 19:07 ` Tejun Heo
2014-04-15 15:57 ` Serge Hallyn
2014-04-15 16:53 ` Aristeu Rozanski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140414181611.GU29214@redhat.com \
--to=aris-h+wxahxf7alqt0dzr+alfa@public.gmane.org \
--cc=cgroups-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=lizefan-hv44wF8Li93QT0dZR+AlfA@public.gmane.org \
--cc=serge.hallyn-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org \
--cc=tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).