On Sat, Jul 14, 2018 at 8:58 AM Todd Poynor <toddpoynor@xxxxxxxxx> wrote: > > From: Todd Poynor <toddpoynor@xxxxxxxxxx> > > Always allow root to open device for writing. > > Drop special-casing of ioctl permissions for root vs. owner. > > Reported-by: Dmitry Torokhov <dtor@xxxxxxxxxxxx> > Signed-off-by: Zhongze Hu <frankhu@xxxxxxxxxxxx> > Signed-off-by: Todd Poynor <toddpoynor@xxxxxxxxxx> I think this patch is good as is, but as a followup you should create a patch that supports user namespaces, i.e. replaces capable(CAP_SYS_ADMIN) with ns_capable(...) in gasket_open() so you can allow containers to control the device, if necessary. Reviewed-by: Dmitry Torokhov <dtor@xxxxxxxxxxxx> Thanks, Dmitry _______________________________________________ devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxx http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
