lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20170926050914.pdc64yafdhfg634a@phenom.ffwll.local>
Date:   Tue, 26 Sep 2017 07:09:14 +0200
From:   Daniel Vetter <daniel@...ll.ch>
To:     Laura Abbott <labbott@...hat.com>
Cc:     Benjamin Gaignard <benjamin.gaignard@...aro.org>,
        sumit.semwal@...aro.org, gregkh@...uxfoundation.org,
        arve@...roid.com, riandrews@...roid.com, broonie@...nel.org,
        dan.carpenter@...cle.com, devel@...verdev.osuosl.org,
        linux-kernel@...r.kernel.org, dri-devel@...ts.freedesktop.org
Subject: Re: [PATCH v3 2/2] staging: ion: create one device entry per heap

On Mon, Sep 25, 2017 at 11:26:27AM -0700, Laura Abbott wrote:
> On 09/20/2017 01:45 AM, Benjamin Gaignard wrote:
> > Instead a getting one common device "/dev/ion" for
> > all the heaps this patch allow to create one device
> > entry ("/dev/ionX") per heap.
> > Getting an entry per heap could allow to set security rules
> > per heap and global ones for all heaps.
> > 
> > Allocation requests will be only allowed if the mask_id
> > match with device minor.
> > Query request could be done on any of the devices.
> > Deivce node major will also change and that may impact init scripts.
> > 
> 
> We should start Cc linux-api for future changes since we're going
> to have more than just /dev/ion.
> 
> Thinking about this some more, I think we need to allow backwards
> compatibility. It's just not feasible to keep throwing workarounds
> into userspace if we can avoid it. I'd propose keeping the old /dev/ion
> misc interface available under a Kconfig and then creating the new
> split heaps in parallel.
> 
> On a somewhat related note, there was some interest in possibly
> having a sysfs interface for Ion long term. I don't think this
> needs to happen right now but I'd like whatever we do to not
> make adding that harder.

Not sure sysfs is a good idea for allocating buffers. The backlight
interface is in sysfs, which defacto makes it a root-only interface.
Distros really hate that, because it makes unpriviledged X/wayland really
hard to pull of. Passing a device file otoh from logind to the compositor
is dead simple (and how X et al get at e.g. the drm/input devices
already).

Adding some links from devices to corresponding ion heaps somewhere in
sysfs makes sense, and those could be read by anyone.
-Daniel
-- 
Daniel Vetter
Software Engineer, Intel Corporation
http://blog.ffwll.ch

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ