lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Tue, 9 Apr 2019 08:35:36 +0000
From:   Dragan Cvetic <draganc@...inx.com>
To:     Arnd Bergmann <arnd@...db.de>
CC:     gregkh <gregkh@...uxfoundation.org>,
        Michal Simek <michals@...inx.com>,
        Derek Kiernan <dkiernan@...inx.com>,
        Linux ARM <linux-arm-kernel@...ts.infradead.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: RE: [PATCH 04/12] misc: xilinx_sdfec: Add open, close and ioctl



> -----Original Message-----
> From: Arnd Bergmann [mailto:arnd@...db.de]
> Sent: Tuesday 19 March 2019 19:46
> To: Dragan Cvetic <draganc@...inx.com>
> Cc: gregkh <gregkh@...uxfoundation.org>; Michal Simek <michals@...inx.com>; Derek Kiernan <dkiernan@...inx.com>; Linux ARM
> <linux-arm-kernel@...ts.infradead.org>; Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
> Subject: Re: [PATCH 04/12] misc: xilinx_sdfec: Add open, close and ioctl
> 
> On Tue, Mar 19, 2019 at 7:10 PM Dragan Cvetic <draganc@...inx.com> wrote:
> > > -----Original Message-----
> > > From: Arnd Bergmann [mailto:arnd@...db.de]
> > > Sent: Tuesday 19 March 2019 15:36
> > > To: Dragan Cvetic <draganc@...inx.com>
> > > Cc: gregkh <gregkh@...uxfoundation.org>; Michal Simek <michals@...inx.com>; Linux ARM <linux-arm-
> kernel@...ts.infradead.org>;
> > > Derek Kiernan <dkiernan@...inx.com>; Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
> > > Subject: Re: [PATCH 04/12] misc: xilinx_sdfec: Add open, close and ioctl
> > >
> > > On Tue, Mar 19, 2019 at 3:59 PM Dragan Cvetic <draganc@...inx.com> wrote:
> > > > >
> > > > > > +       /* Only one open per device at a time */
> > > > > > +       if (!atomic_dec_and_test(&xsdfec->open_count)) {
> > > > > > +               atomic_inc(&xsdfec->open_count);
> > > > > > +               return -EBUSY;
> > > > > > +       }
> > > > >
> > > > > What is that limitation for? Is it worse to open it twice than
> > > > > to dup() or fork()?
> > > > >
> > > > The device can be opened only once.
> > >
> > > What I mean here is that preventing the double open() is
> > > a fairly weak protection: it means you cannot have multiple
> > > 'struct file' pointers attached to the same inode, but you
> > > can still have the same 'struct file' being available to
> > > multiple processes.
> > >
> > Could you please suggest the solution?
> > My intention was to prevent more than one process access the same device.
> 
> Generally speaking, you can't prevent it, but you should make sure that
> if two processes attempt to use the same device, nothing bad happens.
> Usually it's enough to have appropriate locking.
> 
There is a need to increase the driver security, even the proposed is not perfect,
it is acceptable for us for now.

>         Arnd

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ