| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 9 Jul 2021 10:39:34 +0200
From: Christian Brauner <christian.brauner@...ntu.com>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: Carlos Llamas <cmllamas@...gle.com>,
Arve Hjønnevåg <arve@...roid.com>,
Todd Kjos <tkjos@...roid.com>,
Martijn Coenen <maco@...roid.com>,
Christian Brauner <christian@...uner.io>,
Joel Fernandes <joel@...lfernandes.org>,
Steven Moreland <smoreland@...gle.com>,
kernel-team@...roid.com, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] ANDROID: binderfs: add capabilities support
On Wed, Jul 07, 2021 at 06:59:46PM +0200, Greg Kroah-Hartman wrote:
> On Wed, Jul 07, 2021 at 04:24:19PM +0000, Carlos Llamas wrote:
> > Provide userspace with a mechanism to discover binder driver
> > capabilities to refrain from using these unsupported features
> > in the first place. Note that older capabilities are assumed
> > to be supported and only new ones will be added.
>
> What defines "new" vs. "old"? Where was the line drawn?
>
> > Signed-off-by: Carlos Llamas <cmllamas@...gle.com>
> > ---
> > drivers/android/binderfs.c | 45 ++++++++++++++++++++++++++++++++++++++
> > 1 file changed, 45 insertions(+)
> >
> > diff --git a/drivers/android/binderfs.c b/drivers/android/binderfs.c
> > index e80ba93c62a9..f793887f6dc8 100644
> > --- a/drivers/android/binderfs.c
> > +++ b/drivers/android/binderfs.c
> > @@ -58,6 +58,10 @@ enum binderfs_stats_mode {
> > binderfs_stats_mode_global,
> > };
> >
> > +struct binder_capabilities {
> > + bool oneway_spam;
> > +};
> > +
> > static const struct constant_table binderfs_param_stats[] = {
> > { "global", binderfs_stats_mode_global },
> > {}
> > @@ -69,6 +73,10 @@ static const struct fs_parameter_spec binderfs_fs_parameters[] = {
> > {}
> > };
> >
> > +static struct binder_capabilities binder_caps = {
> > + .oneway_spam = true,
> > +};
> > +
> > static inline struct binderfs_info *BINDERFS_SB(const struct super_block *sb)
> > {
> > return sb->s_fs_info;
> > @@ -583,6 +591,39 @@ static struct dentry *binderfs_create_dir(struct dentry *parent,
> > return dentry;
> > }
> >
> > +static int binder_caps_show(struct seq_file *m, void *unused)
> > +{
> > + bool *cap = m->private;
> > +
> > + seq_printf(m, "%d\n", *cap);
> > +
> > + return 0;
> > +}
> > +DEFINE_SHOW_ATTRIBUTE(binder_caps);
> > +
> > +static int init_binder_caps(struct super_block *sb)
> > +{
> > + struct dentry *dentry, *root;
> > + int ret = 0;
> > +
> > + root = binderfs_create_dir(sb->s_root, "caps");
> > + if (IS_ERR(root)) {
> > + ret = PTR_ERR(root);
> > + goto out;
> > + }
> > +
> > + dentry = binderfs_create_file(root, "oneway_spam",
> > + &binder_caps_fops,
> > + &binder_caps.oneway_spam);
> > + if (IS_ERR(dentry)) {
> > + ret = PTR_ERR(dentry);
> > + goto out;
>
> If this fails, you still report that an error happened, yet you do not
> remove the directory? Is that intended?
>
> And where is this new file documented? Where are the existing binderfs
> files documented?
When I wrote it I added documentation to:
Documentation/admin-guide/binderfs.rst
So the new caps directory and file should be documented there.
I would also suggest to add a simple test reading this new caps
directory and the new file in there to:
tools/testing/selftests/filesystems/binderfs_test.c
Christian
Powered by blists - more mailing lists