lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <e83d29b8-5022-466a-b2ee-61fa5dd1c9ae@quicinc.com>
Date: Fri, 15 Dec 2023 09:51:09 -0800
From: Elliot Berman <quic_eberman@...cinc.com>
To: Jiri Slaby <jirislaby@...nel.org>,
        Vijaya Krishna Nivarthi
	<quic_vnivarth@...cinc.com>,
        Zijun Hu <quic_zijuhu@...cinc.com>, <gregkh@...uxfoundation.org>,
        <quic_qiancai@...cinc.com>, <quic_arandive@...cinc.com>,
        <quic_saipraka@...cinc.com>
CC: <linux-serial@...r.kernel.org>, <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v2] tty: Add comments for tty-ldisc module loading logic



On 12/15/2023 9:26 AM, Jiri Slaby wrote:
> On 15. 12. 23, 15:19, Vijaya Krishna Nivarthi wrote:
>> Hi,
>>
>>
>> On 12/15/2023 7:11 PM, Zijun Hu wrote:
>>> Current tty-ldisc module loading logic within tty_ldisc_get()
>>> is prone to mislead beginner that the module is able to be loaded
>>> by a user without capability CAP_SYS_MODULE, add comments to make
>>> the logic easy to undertand.
>>>
>>> Signed-off-by: Zijun Hu <quic_zijuhu@...cinc.com>
>>> ---
>>> Changes in v2:
>>> - Remove condition checking changes
>>>
>>>   drivers/tty/tty_ldisc.c | 4 ++++
>>>   1 file changed, 4 insertions(+)
>>>
>>> diff --git a/drivers/tty/tty_ldisc.c b/drivers/tty/tty_ldisc.c
>>> index 3f68e213df1f..34526ffaccbc 100644
>>> --- a/drivers/tty/tty_ldisc.c
>>> +++ b/drivers/tty/tty_ldisc.c
>>> @@ -150,6 +150,10 @@ static struct tty_ldisc *tty_ldisc_get(struct tty_struct *tty, int disc)
>>>        */
>>>       ldops = get_ldops(disc);
>>>       if (IS_ERR(ldops)) {
>>> +        /*
>>> +         * Always request tty-ldisc module regardless of user's
>>> +         * CAP_SYS_MODULE if autoload is enabled.
>>> +         */

The added comment confused me more :-)

"Request tty-ldisc if process has CAP_SYS_MODULE or autoload is enabled"

>>
>> Without much knowledge of this file...
>>
>>
>> What the if condition below accomplishes is evident,
> 
> After a bit of thinking, sure.
> 
>> it probably doesn't require a comment.
> 
> I would not add a comment there at all. I would rewrite the code so it is obvious to everyone. Like:
> 
> static inline bool tty_ldisc_can_autoload(void)
> {
>   return capable(CAP_SYS_MODULE) || tty_ldisc_autoload;
> }
> 
> And then:
> if (!tty_ldisc_can_autoload())
>   return ERR_PTR(-EPERM);
> 
>> A more useful comment would be why it does so?
> 
> From an insider, the reason is obvious. But maybe not so much for newcomers. Well, one could document the new inline above. Like:
> ""
> We allow loads for capable users or when autoloading is explicitly enabled.
> ""
> or alike...

I agree with Vijaya that it seems evident after a few moments of analysis, but we're
also maybe used to reading kernel code more. I don't think we should be opposed
to changes that make code easier to grok, even if they're trivial.

If we want to make it clearer, I like Jiri's suggestion. One other thing I'd add
is to give a reference to read config LDISC_AUTOLOAD's help text.

Zijun,

Please send future revisions of the patch to our internal pre-submit review list
before sending to kernel.org. Qualcommers can visit go/upstream.

- Elliot

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ