| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 2 May 2009 03:16:36 -0400
From: Christoph Hellwig <hch@...radead.org>
To: Kay Sievers <kay.sievers@...y.org>
Cc: linux-kernel <linux-kernel@...r.kernel.org>,
Greg KH <greg@...ah.com>, Jan Blunck <jblunck@...e.de>,
linux-arch@...r.kernel.org, viro@...iv.linux.org.uk,
torvalds@...l.org, akpm@...l.org, adam@...drasil.com
Subject: Re: [PATCH] driver-core: devtmpfs - driver core maintained /dev
tmpfs
On Thu, Apr 30, 2009 at 03:23:42PM +0200, Kay Sievers wrote:
> From: Kay Sievers <kay.sievers@...y.org>
> Subject: driver-core: devtmpfs - driver core maintained /dev tmpfs
Umm, guys this needs much broader discussion than just sneaking in
a patch under the covers.
It basically does re-introduce devfs under a different name, and from
looking at the implementation it might not be quite as bad a Gooch's
original, but it's certainly worse than Adam Richters rewrite the we
never ended up merging.
Now we might want to revisit the decision to leave all the device name
handling to a userspace daemon, because it provded to be quite fragile
under certain circumstances, and you apparently see performance issues.
> Devtmpfs lets the kernel create a tmpfs very early at kernel
> initialization, before any driver core device is registered. Every
> device with a major/minor will have a device node created in this
> tmpfs instance. After the rootfs is mounted by the kernel, the
> populated tmpfs is mounted at /dev. In initramfs, it can be moved
> to the manually mounted root filesystem before /sbin/init is
> executed.
That for example is something that is not acceptable. We really don't
want the kernel to mess with the initial namespace in such a major way.
> The tmpfs instance can be changed and altered by userspace at any time,
> and in any way needed - just like today's udev-mounted tmpfs. Unmodified
> udev versions will run just fine on top of it, and will recognize an
> already existing kernel-created device node and use it.
> The default node permissions are root:root 0600. Only if none of these
> values have been changed by userspace, the driver core will remove the
> device node when the device goes away. If the device node was altered
> by udev, by applying the appropriate permissions and ownership, it will
> need to be removed by udev - just as it usually works today.
That's some really, really odd lifetime rules.
Counter-proposal: Re-introduce a proper mini-devfs. All nodes in there
are kernel-created and not changeable which sorts out that whole
mess of both drivers and userspace messing with tree topology we had
both in original devfs and this new devtmpfs. Single-instance so it can be
populated before it's actually mounted somewhere, that way the kernel
doesn't have to do any policy devicision on where it's mounted. Mount
point would usually be /dev/something so /dev can remaining udev-managed
tmpfs or even manually maintained and symlinks can point into
/dev/something.
> +static char *bsg_nodename(struct device *dev)
> +{
> + return kasprintf(GFP_KERNEL, "bsg/%s", dev_name(dev));
> +}
> +
> static int __init bsg_init(void)
> {
> int ret, i;
> @@ -1082,6 +1087,7 @@ static int __init bsg_init(void)
> ret = PTR_ERR(bsg_class);
> goto destroy_kmemcache;
> }
> + bsg_class->nodename = bsg_nodename;
And adding this gunk to every driver is really ugly. Must say
late-devfs version of the same defintively was more pretty.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists