lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <6d37519b-fc92-1cdd-c7d8-b4eaa0d17089@redhat.com>
Date:   Fri, 2 Sep 2016 13:33:44 -0700
From:   Laura Abbott <labbott@...hat.com>
To:     Arnd Bergmann <arnd@...db.de>, linaro-mm-sig@...ts.linaro.org
Cc:     Sumit Semwal <sumit.semwal@...aro.org>,
        John Stultz <john.stultz@...aro.org>,
        Arve Hjønnevåg <arve@...roid.com>,
        Riley Andrews <riandrews@...roid.com>,
        devel@...verdev.osuosl.org, Jon Medhurst <tixy@...aro.org>,
        Android Kernel Team <kernel-team@...roid.com>,
        Liviu Dudau <Liviu.Dudau@....com>,
        linux-kernel@...r.kernel.org,
        Jeremy Gebben <jgebben@...eaurora.org>,
        Eun Taik Lee <eun.taik.lee@...sung.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Brian Starkey <brian.starkey@....com>,
        Chen Feng <puck.chen@...ilicon.com>
Subject: Re: [Linaro-mm-sig] [PATCHv2 3/4] staging: android: ion: Add an ioctl
 for ABI checking

On 09/02/2016 02:02 AM, Arnd Bergmann wrote:
> On Thursday, September 1, 2016 3:40:43 PM CEST Laura Abbott wrote:
>
>> --- a/drivers/staging/android/ion/ion-ioctl.c
>> +++ b/drivers/staging/android/ion/ion-ioctl.c
>> @@ -22,6 +22,29 @@
>>  #include "ion_priv.h"
>>  #include "compat_ion.h"
>>
>> +union ion_ioctl_arg {
>> +	struct ion_fd_data fd;
>> +	struct ion_allocation_data allocation;
>> +	struct ion_handle_data handle;
>> +	struct ion_custom_data custom;
>> +	struct ion_abi_version abi_version;
>> +};
>
> Are you introducing this, or just clarifying the defintion of the
> existing interface. For new interfaces, we should not have a union
> as an ioctl argument. Instead each ioctl command should have one
> specific structure (or better a scalar argument).
>

This was just a structure inside ion_ioctl. I pulled it out for
the validate function. It's not an actual argument to any ioctl from
userspace. ion_ioctl copies using _IOC_SIZE.

>> +static int validate_ioctl_arg(unsigned int cmd, union ion_ioctl_arg *arg)
>> +{
>> +	int ret = 0;
>> +
>> +	switch (cmd) {
>> +	case ION_IOC_ABI_VERSION:
>> +		ret = arg->abi_version.reserved != 0;
>> +		break;
>> +	default:
>> +		break;
>> +	}
>> +
>> +	return ret ? -EINVAL : 0;
>> +}
>
> I agree with Greg, ioctl interfaces should normally not be versioned,
> the usual way is to try a command and see if it fails or not.
>

The concern was trying ioctls that wouldn't actually fail or would
have some other unexpected side effect.

My conclusion from the other thread was that assuming we don't botch
up adding new ioctls in the future or make incompatible changes to
these in the future we shouldn't technically need it. I was still
trying to hedge my bets against the future but that might just be
making the problem worse?

>> +/**
>> + * struct ion_abi_version
>> + *
>> + *  @version - current ABI version
>> + */
>> +
>> +#define ION_ABI_VERSION                KERNEL_VERSION(0, 1, 0)
>> +
>> +struct ion_abi_version {
>> +	__u32 abi_version;
>> +	__u32 reserved;
>> +};
>> +
>
> This interface doesn't really need a "reserved" field, you could
> as well use a __u32 by itself. If you ever need a second field,
> just add a new command number.
>

The botching-ioctls.txt document suggested everything should be aligned
to 64-bits. Was I interpreting that too literally?

> 	Arnd
>

Thanks,
Laura

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ