lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20210709083934.ghkohnqq4x23rs7d@wittgenstein>
Date:   Fri, 9 Jul 2021 10:39:34 +0200
From:   Christian Brauner <christian.brauner@...ntu.com>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:     Carlos Llamas <cmllamas@...gle.com>,
        Arve Hjønnevåg <arve@...roid.com>,
        Todd Kjos <tkjos@...roid.com>,
        Martijn Coenen <maco@...roid.com>,
        Christian Brauner <christian@...uner.io>,
        Joel Fernandes <joel@...lfernandes.org>,
        Steven Moreland <smoreland@...gle.com>,
        kernel-team@...roid.com, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] ANDROID: binderfs: add capabilities support

On Wed, Jul 07, 2021 at 06:59:46PM +0200, Greg Kroah-Hartman wrote:
> On Wed, Jul 07, 2021 at 04:24:19PM +0000, Carlos Llamas wrote:
> > Provide userspace with a mechanism to discover binder driver
> > capabilities to refrain from using these unsupported features
> > in the first place. Note that older capabilities are assumed
> > to be supported and only new ones will be added.
> 
> What defines "new" vs. "old"?  Where was the line drawn?
> 
> > Signed-off-by: Carlos Llamas <cmllamas@...gle.com>
> > ---
> >  drivers/android/binderfs.c | 45 ++++++++++++++++++++++++++++++++++++++
> >  1 file changed, 45 insertions(+)
> > 
> > diff --git a/drivers/android/binderfs.c b/drivers/android/binderfs.c
> > index e80ba93c62a9..f793887f6dc8 100644
> > --- a/drivers/android/binderfs.c
> > +++ b/drivers/android/binderfs.c
> > @@ -58,6 +58,10 @@ enum binderfs_stats_mode {
> >  	binderfs_stats_mode_global,
> >  };
> >  
> > +struct binder_capabilities {
> > +	bool oneway_spam;
> > +};
> > +
> >  static const struct constant_table binderfs_param_stats[] = {
> >  	{ "global", binderfs_stats_mode_global },
> >  	{}
> > @@ -69,6 +73,10 @@ static const struct fs_parameter_spec binderfs_fs_parameters[] = {
> >  	{}
> >  };
> >  
> > +static struct binder_capabilities binder_caps = {
> > +	.oneway_spam = true,
> > +};
> > +
> >  static inline struct binderfs_info *BINDERFS_SB(const struct super_block *sb)
> >  {
> >  	return sb->s_fs_info;
> > @@ -583,6 +591,39 @@ static struct dentry *binderfs_create_dir(struct dentry *parent,
> >  	return dentry;
> >  }
> >  
> > +static int binder_caps_show(struct seq_file *m, void *unused)
> > +{
> > +	bool *cap = m->private;
> > +
> > +	seq_printf(m, "%d\n", *cap);
> > +
> > +	return 0;
> > +}
> > +DEFINE_SHOW_ATTRIBUTE(binder_caps);
> > +
> > +static int init_binder_caps(struct super_block *sb)
> > +{
> > +	struct dentry *dentry, *root;
> > +	int ret = 0;
> > +
> > +	root = binderfs_create_dir(sb->s_root, "caps");
> > +	if (IS_ERR(root)) {
> > +		ret = PTR_ERR(root);
> > +		goto out;
> > +	}
> > +
> > +	dentry = binderfs_create_file(root, "oneway_spam",
> > +				      &binder_caps_fops,
> > +				      &binder_caps.oneway_spam);
> > +	if (IS_ERR(dentry)) {
> > +		ret = PTR_ERR(dentry);
> > +		goto out;
> 
> If this fails, you still report that an error happened, yet you do not
> remove the directory?  Is that intended?
> 
> And where is this new file documented?  Where are the existing binderfs
> files documented?

When I wrote it I added documentation to:

Documentation/admin-guide/binderfs.rst

So the new caps directory and file should be documented there.

I would also suggest to add a simple test reading this new caps
directory and the new file in there to:

tools/testing/selftests/filesystems/binderfs_test.c

Christian

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ