Re: [PATCH v6 02/16] chardev: introduce cdev_get_by_path()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Subject: Re: [PATCH v6 02/16] chardev: introduce cdev_get_by_path()
From: Sagi Grimberg <sagi@xxxxxxxxxxx>
Date: Thu, 25 Jul 2019 12:43:27 -0700
Cc: Logan Gunthorpe <logang@xxxxxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx, linux-nvme@xxxxxxxxxxxxxxxxxxx, linux-block@xxxxxxxxxxxxxxx, linux-fsdevel@xxxxxxxxxxxxxxx, Christoph Hellwig <hch@xxxxxx>, Keith Busch <kbusch@xxxxxxxxxx>, Jens Axboe <axboe@xxxxxx>, Chaitanya Kulkarni <Chaitanya.Kulkarni@xxxxxxx>, Max Gurtovoy <maxg@xxxxxxxxxxxx>, Stephen Bates <sbates@xxxxxxxxxxxx>, Alexander Viro <viro@xxxxxxxxxxxxxxxxxx>
In-reply-to: <966fa988-de56-effe-dd52-3515ee83629c@grimberg.me>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0

So, as was kind of alluded to in another part of the thread, what are
you doing about permissions?  It seems that any user/group permissions
are out the window when you have the kernel itself do the opening of the
char device, right?  Why is that ok?  You can pass it _any_ character
device node and away it goes?  What if you give it a "wrong" one?  Char
devices are very different from block devices this way.


We could condition any configfs operation on capable(CAP_NET_ADMIN) to
close that hole for now..


s/NET/SYS/...

References:
- [PATCH v6 00/16] nvmet: add target passthru commands support
  - From: Logan Gunthorpe
- [PATCH v6 02/16] chardev: introduce cdev_get_by_path()
  - From: Logan Gunthorpe
- Re: [PATCH v6 02/16] chardev: introduce cdev_get_by_path()
  - From: Greg Kroah-Hartman
- Re: [PATCH v6 02/16] chardev: introduce cdev_get_by_path()
  - From: Logan Gunthorpe
- Re: [PATCH v6 02/16] chardev: introduce cdev_get_by_path()
  - From: Greg Kroah-Hartman
- Re: [PATCH v6 02/16] chardev: introduce cdev_get_by_path()
  - From: Logan Gunthorpe
- Re: [PATCH v6 02/16] chardev: introduce cdev_get_by_path()
  - From: Greg Kroah-Hartman
- Re: [PATCH v6 02/16] chardev: introduce cdev_get_by_path()
  - From: Logan Gunthorpe
- Re: [PATCH v6 02/16] chardev: introduce cdev_get_by_path()
  - From: Sagi Grimberg
- Re: [PATCH v6 02/16] chardev: introduce cdev_get_by_path()
  - From: Greg Kroah-Hartman
- Re: [PATCH v6 02/16] chardev: introduce cdev_get_by_path()
  - From: Sagi Grimberg

Prev by Date: Re: [PATCH v6 02/16] chardev: introduce cdev_get_by_path()
Next by Date: Re: [PATCH v6 02/16] chardev: introduce cdev_get_by_path()
Previous by thread: Re: [PATCH v6 02/16] chardev: introduce cdev_get_by_path()
Next by thread: Re: [PATCH v6 02/16] chardev: introduce cdev_get_by_path()
Index(es):
- Date
- Thread

[Index of Archives] [Linux Ext4 Filesystem] [Union Filesystem] [Filesystem Testing] [Ceph Users] [Ecryptfs] [AutoFS] [Kernel Newbies] [Share Photos] [Security] [Netfilter] [Bugtraq] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux Cachefs] [Reiser Filesystem] [Linux RAID] [Samba] [Device Mapper] [CEPH Development]