From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Dmitry Torokhov <dtor@chromium.org>
Cc: devel@driverdev.osuosl.org, toddpoynor@gmail.com,
frankhu@chromium.org, jnjoseph@google.com,
lkml <linux-kernel@vger.kernel.org>,
Simon Que <sque@chromium.org>,
rspringer@google.com, Guenter Roeck <groeck@chromium.org>,
toddpoynor@google.com
Subject: Re: [PATCH 11/18] staging: gasket: always allow root open for write
Date: Sun, 15 Jul 2018 11:32:16 +0200 [thread overview]
Message-ID: <20180715093216.GA16003@kroah.com> (raw)
In-Reply-To: <CAE_wzQ_YosCJro46uuF1v6TQhVaTaXLdiLVD7gb94BwQx00SuQ@mail.gmail.com>
On Sun, Jul 15, 2018 at 12:11:47PM +0300, Dmitry Torokhov wrote:
> On Sun, Jul 15, 2018 at 12:05 PM Greg Kroah-Hartman
> <gregkh@linuxfoundation.org> wrote:
> >
> > On Fri, Jul 13, 2018 at 10:58:09PM -0700, Todd Poynor wrote:
> > > From: Todd Poynor <toddpoynor@google.com>
> > >
> > > Always allow root to open device for writing.
> > >
> > > Drop special-casing of ioctl permissions for root vs. owner.
> > >
> > > Reported-by: Dmitry Torokhov <dtor@chromium.org>
> > > Signed-off-by: Zhongze Hu <frankhu@chromium.org>
> > > Signed-off-by: Todd Poynor <toddpoynor@google.com>
> > > ---
> > > drivers/staging/gasket/apex_driver.c | 9 +++------
> > > drivers/staging/gasket/gasket_core.c | 8 +++++---
> > > drivers/staging/gasket/gasket_ioctl.c | 15 ++++++---------
> > > 3 files changed, 14 insertions(+), 18 deletions(-)
> > >
> > > diff --git a/drivers/staging/gasket/apex_driver.c b/drivers/staging/gasket/apex_driver.c
> > > index b1318482ba65..ffe11d8168ea 100644
> > > --- a/drivers/staging/gasket/apex_driver.c
> > > +++ b/drivers/staging/gasket/apex_driver.c
> > > @@ -644,13 +644,10 @@ static bool is_gcb_in_reset(struct gasket_dev *gasket_dev)
> > > static uint apex_ioctl_check_permissions(struct file *filp, uint cmd)
> > > {
> > > struct gasket_dev *gasket_dev = filp->private_data;
> > > - int root = capable(CAP_SYS_ADMIN);
> > > - int is_owner = gasket_dev->dev_info.ownership.is_owned &&
> > > - current->tgid == gasket_dev->dev_info.ownership.owner;
> > > + fmode_t write;
> > >
> > > - if (root || is_owner)
> > > - return 1;
> > > - return 0;
> > > + write = filp->f_mode & FMODE_WRITE;
> >
> > Ok, this is insane. You don't change, or check, the permissions on a
> > file handle while it is already open, as you only check the permissions
> > on OPEN, not on WRITE. See the recent rant from Linus on the linux-api
> > list for yet-another-long-threaad in which he explains this.
> >
> > So this whole ioctl can just be removed, it is totally crazy and wrong
> > and should just be removed.
>
> No, the code checks whether the requested ioctl command is compatible
> with the mode the file handle was open with. There are some ioctls
> that are allowed on file handle opened for read and others that
> require file handle to be opened for write. That is all. It does not
> change permissions past open.
That's really not obvious here :)
And is odd on a whole other set of "crazy design", but ok, let's let it
live for now.
I can't wait for people to just realize this whole "new" subsystem can
be replaced with UIO, but that's a topic for a different thread...
thanks,
greg k-h
next prev parent reply other threads:[~2018-07-15 9:32 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-07-14 5:57 [PATCH 00/18] staging: gasket: sundry fixes and fixups Todd Poynor
2018-07-14 5:57 ` [PATCH 01/18] staging: gasket: remove X86 Kconfig restriction Todd Poynor
2018-07-14 5:58 ` [PATCH 02/18] MAINTAINERS: Add maintainer for drivers/staging/gasket Todd Poynor
2018-07-14 6:28 ` Greg Kroah-Hartman
2018-07-14 5:58 ` [PATCH 03/18] staging: gasket: typo and whitespace cleanups Todd Poynor
2018-07-14 6:31 ` Greg Kroah-Hartman
2018-07-14 5:58 ` [PATCH 04/18] staging: gasket: device registration error and unregister fixups Todd Poynor
2018-07-16 13:53 ` Dan Carpenter
2018-07-16 21:15 ` Todd Poynor
2018-07-14 5:58 ` [PATCH 05/18] staging: gasket: sysfs mapping creation fixups Todd Poynor
2018-07-14 6:32 ` Greg Kroah-Hartman
2018-07-16 21:14 ` Todd Poynor
2018-07-17 6:55 ` Greg Kroah-Hartman
2018-07-14 5:58 ` [PATCH 06/18] staging: gasket: fix deadlock in pci driver unregister path Todd Poynor
2018-07-14 6:36 ` Greg Kroah-Hartman
2018-07-14 8:07 ` Dmitry Torokhov
2018-07-14 12:57 ` Greg Kroah-Hartman
2018-07-16 21:16 ` Todd Poynor
2018-07-14 5:58 ` [PATCH 07/18] staging: gasket: convert gasket_mmap_has_permissions to bool return Todd Poynor
2018-07-14 5:58 ` [PATCH 08/18] staging: gasket: gasket_wait_with_reschedule fixups Todd Poynor
2018-07-14 6:33 ` Greg Kroah-Hartman
2018-07-14 5:58 ` [PATCH 09/18] staging: gasket: bail out of reset sequence on device callback error Todd Poynor
2018-07-14 5:58 ` [PATCH 10/18] staging: gasket: gasket_open use container_of() Todd Poynor
2018-07-14 8:15 ` Dmitry Torokhov
2018-07-16 21:18 ` Todd Poynor
2018-07-14 5:58 ` [PATCH 11/18] staging: gasket: always allow root open for write Todd Poynor
2018-07-14 8:25 ` Dmitry Torokhov
2018-07-16 21:22 ` Todd Poynor
2018-07-15 9:05 ` Greg Kroah-Hartman
2018-07-15 9:11 ` Dmitry Torokhov
2018-07-15 9:32 ` Greg Kroah-Hartman [this message]
2018-07-15 9:53 ` Dmitry Torokhov
2018-07-15 10:03 ` Greg Kroah-Hartman
2018-07-15 18:15 ` Todd Poynor
2018-07-15 19:41 ` Greg Kroah-Hartman
2018-07-16 21:26 ` Todd Poynor
2018-07-14 5:58 ` [PATCH 12/18] staging: gasket: annotate ioctl arg with __user Todd Poynor
2018-07-14 6:35 ` Greg Kroah-Hartman
[not found] ` <CAO3upobyf9JpKLSoSPeVfNGOh6R0cud=hT+bhA=U2kNkGEJ-aw@mail.gmail.com>
2018-07-14 7:44 ` Greg Kroah-Hartman
2018-07-14 19:20 ` Todd Poynor
2018-07-15 9:00 ` Greg Kroah-Hartman
2018-07-15 17:38 ` Todd Poynor
2018-07-14 5:58 ` [PATCH 13/18] staging: gasket: gasket_enable_dev fixups Todd Poynor
2018-07-14 6:39 ` Greg Kroah-Hartman
2018-07-16 21:28 ` Todd Poynor
2018-07-14 5:58 ` [PATCH 14/18] staging: gasket: fix class create bug handling Todd Poynor
2018-07-14 8:16 ` Dmitry Torokhov
2018-07-14 5:58 ` [PATCH 15/18] staging: gasket: remove unnecessary code in coherent allocator Todd Poynor
2018-07-14 5:58 ` [PATCH 16/18] staging: gasket: gasket core error handling fixups Todd Poynor
2018-07-14 5:58 ` [PATCH 17/18] staging: gasket: don't release coherent mappings Todd Poynor
2018-07-14 5:58 ` [PATCH 18/18] staging: gasket: various cleanups Todd Poynor
2018-07-14 6:30 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180715093216.GA16003@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=devel@driverdev.osuosl.org \
--cc=dtor@chromium.org \
--cc=frankhu@chromium.org \
--cc=groeck@chromium.org \
--cc=jnjoseph@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=rspringer@google.com \
--cc=sque@chromium.org \
--cc=toddpoynor@gmail.com \
--cc=toddpoynor@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox