lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 5 Oct 2017 15:06:12 +0200
From:   Benjamin Gaignard <benjamin.gaignard@...aro.org>
To:     Mark Brown <broonie@...nel.org>
Cc:     Sandeep Patil <sspatil@...gle.com>,
        Laura Abbott <labbott@...hat.com>,
        driverdevel <devel@...verdev.osuosl.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Arve Hjønnevåg <arve@...roid.com>,
        "dri-devel@...ts.freedesktop.org" <dri-devel@...ts.freedesktop.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Riley Andrews <riandrews@...roid.com>,
        linux-api@...r.kernel.org, Sumit Semwal <sumit.semwal@...aro.org>,
        Dan Carpenter <dan.carpenter@...cle.com>
Subject: Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

2017-10-04 12:17 GMT+02:00 Mark Brown <broonie@...nel.org>:
> On Tue, Oct 03, 2017 at 04:08:30PM -0700, Sandeep Patil wrote:
>
>> It is entirely possible and easy in android/ueventd to create those nodes
>> under "/dev/ion/".  (assuming the heap 'subsystem' for these new devices will
>> point to 'ion').

I think it is the same problem than for webcam under v4l framework.
Each time you plug a webcam you got a v4l node but android/uevent rules
the plug order doesn't have impact.
The same think will happen for ion nodes it may be even easier because
the heap will always being created in the smae order for a given product
configuration.

>
> The reason I didn't say /dev/ion/foo initially is that if people want to
> keep the existing /dev/ion around for compatibility reasons then the
> /dev/ion name isn't available which might cause issues.  Otherwise just
> dumping everything under a directory (perhaps with a different name) was
> my first thought as well.
>
>> (Also FWIW, the SELinux permissions are also possible with the current ion
>> implementation by adding rules to disallow specific ioctls instead of adding
>> permissions to access device node as this change would do)
>
> AIUI the request is to limit access to specific heaps, and obviously not
> everyone wants to deal with SELinux at all.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ