[PATCH 16/20] staging: gasket: always allow root open for write
From: Todd Poynor
Always allow root to open device for writing.
Drop special-casing of ioctl permissions for root vs. owner.
Convert to bool types as appropriate.
Reported-by: Dmitry Torokhov
Signed-off-by: Zhongze Hu
Signed-off-by: Todd Poynor
---
drivers/staging/gasket/apex_driver.c | 15 --
drivers/staging/gasket/gasket_core.c | 8 ---
drivers/staging/gasket/gasket_ioctl.c | 30 +--
3 files changed, 23 insertions(+), 30 deletions(-)
diff --git a/drivers/staging/gasket/apex_driver.c
b/drivers/staging/gasket/apex_driver.c
index a01b1f2b827ea..4c00f3609f081 100644
--- a/drivers/staging/gasket/apex_driver.c
+++ b/drivers/staging/gasket/apex_driver.c
@@ -140,7 +140,7 @@ static int apex_reset(struct gasket_dev *gasket_dev, uint
type);
static int apex_get_status(struct gasket_dev *gasket_dev);
-static uint apex_ioctl_check_permissions(struct file *file, uint cmd);
+static bool apex_ioctl_check_permissions(struct file *file, uint cmd);
static long apex_ioctl(struct file *file, uint cmd, ulong arg);
@@ -625,18 +625,11 @@ static bool is_gcb_in_reset(struct gasket_dev *gasket_dev)
* @file: File pointer from ioctl.
* @cmd: ioctl command.
*
- * Returns 1 if the current user may execute this ioctl, and 0 otherwise.
+ * Returns true if the current user may execute this ioctl, and false
otherwise.
*/
-static uint apex_ioctl_check_permissions(struct file *filp, uint cmd)
+static bool apex_ioctl_check_permissions(struct file *filp, uint cmd)
{
- struct gasket_dev *gasket_dev = filp->private_data;
- int root = capable(CAP_SYS_ADMIN);
- int is_owner = gasket_dev->dev_info.ownership.is_owned &&
- current->tgid == gasket_dev->dev_info.ownership.owner;
-
- if (root || is_owner)
- return 1;
- return 0;
+ return !!(filp->f_mode & FMODE_WRITE);
}
/*
diff --git a/drivers/staging/gasket/gasket_core.c
b/drivers/staging/gasket/gasket_core.c
index ba48a379b0ada..254fb392c05c1 100644
--- a/drivers/staging/gasket/gasket_core.c
+++ b/drivers/staging/gasket/gasket_core.c
@@ -1072,6 +1072,7 @@ static int gasket_open(struct inode *inode, struct file
*filp)
char task_name[TASK_COMM_LEN];
struct gasket_cdev_info *dev_info =
container_of(inode->i_cdev, struct gasket_cdev_info, cdev);
+ int is_root = capable(CAP_SYS_ADMIN);
gasket_dev = dev_info->gasket_dev_ptr;
driver_desc = gasket_dev->internal_desc->driver_desc;
@@ -1085,7 +1086,7 @@ static int gasket_open(struct inode *inode, struct file
*filp)
"Attempting to open with tgid %u (%s) (f_mode: 0%03o, "
"fmode_write: %d is_root: %u)",
current->tgid, task_name, filp->f_mode,
- (filp->f_mode & FMODE_WRITE), capable(CAP_SYS_ADMIN));
+ (filp->f_mode & FMODE_WRITE), is_root);
/* Always allow non-writing accesses. */
if (!(filp->f_mode & FMODE_WRITE)) {
@@ -1099,8 +1100,9 @@ static int gasket_open(struct inode *inode, struct file
*filp)
gasket_dev, "Current owner open count (owning tgid %u): %d.",
ownership->owner, ownership->write_open_count);
- /* Opening a node owned by another TGID is an error (even root.) */
- if (ownership->is_owned && ownership->owner != current->tgid) {
+ /* Opening a node owned by another TGID is an error (unless root) */
+ if (ownership->is_owned && ownership->owner != current->tgid &&
+ !is_root) {
gasket_log_error(
gasket_dev,
"Process %u is opening a node held by %u.",
diff --git a/drivers/staging/gasket/gasket_ioctl.c
b/drivers/staging/gasket/gasket_ioctl.c
index d0142ed048a65..8fd44979fe713 100644
--- a/drivers/staging/gasket/gasket_ioctl.c
+++ b/drivers/staging/gasket/gasket_ioctl.c
@@ -22,7 +22,7 @@
#define trace_gasket_ioctl_config_coherent_allocator(x, ...)
#endif
-static uint gasket_ioctl_check_permissions(struct file *filp, uint cmd);
+static bool gasket_ioctl_check_permissions(struct file *filp, uint cmd);
static int gasket_set_event_fd(struct gasket_dev *dev, ulong arg);
static int gasket_read_page_table_size(
struct gasket_dev *gasket_dev, ulong arg);
@@ -167,12 +167,13 @@ long gasket_is_supported_ioctl(uint cmd)
* @filp: File structure pointer describing this node usage session.
* @cmd: ioctl number to handle.
*
- * Standard permissions checker.
+ * Check permissions for Gasket ioctls.
+ * Returns true if the file opener may execute this ioctl, or false otherwise.
*/
-static uint gasket_ioctl_check_permissions(struct file *filp, uint cmd)
+static bool gasket_ioctl_check_permissions(struct file *filp, uint cmd)
{
- uint alive, root, device_owner;
- fmode_t read, write;
+ bool alive;
+ bool read, write;
struct gasket_dev *gasket_dev = (struct gasket_dev *)filp->private_data;
[PATCH 16/20] staging: gasket: always allow root open for write
From: Todd Poynor
Always allow root to open device for writing.
Drop special-casing of ioctl permissions for root vs. owner.
Convert to bool types as appropriate.
Reported-by: Dmitry Torokhov
Signed-off-by: Zhongze Hu
Signed-off-by: Todd Poynor
---
drivers/staging/gasket/apex_driver.c | 15 --
drivers/staging/gasket/gasket_core.c | 8 ---
drivers/staging/gasket/gasket_ioctl.c | 30 +--
3 files changed, 23 insertions(+), 30 deletions(-)
diff --git a/drivers/staging/gasket/apex_driver.c
b/drivers/staging/gasket/apex_driver.c
index a01b1f2b827ea..4c00f3609f081 100644
--- a/drivers/staging/gasket/apex_driver.c
+++ b/drivers/staging/gasket/apex_driver.c
@@ -140,7 +140,7 @@ static int apex_reset(struct gasket_dev *gasket_dev, uint
type);
static int apex_get_status(struct gasket_dev *gasket_dev);
-static uint apex_ioctl_check_permissions(struct file *file, uint cmd);
+static bool apex_ioctl_check_permissions(struct file *file, uint cmd);
static long apex_ioctl(struct file *file, uint cmd, ulong arg);
@@ -625,18 +625,11 @@ static bool is_gcb_in_reset(struct gasket_dev *gasket_dev)
* @file: File pointer from ioctl.
* @cmd: ioctl command.
*
- * Returns 1 if the current user may execute this ioctl, and 0 otherwise.
+ * Returns true if the current user may execute this ioctl, and false
otherwise.
*/
-static uint apex_ioctl_check_permissions(struct file *filp, uint cmd)
+static bool apex_ioctl_check_permissions(struct file *filp, uint cmd)
{
- struct gasket_dev *gasket_dev = filp->private_data;
- int root = capable(CAP_SYS_ADMIN);
- int is_owner = gasket_dev->dev_info.ownership.is_owned &&
- current->tgid == gasket_dev->dev_info.ownership.owner;
-
- if (root || is_owner)
- return 1;
- return 0;
+ return !!(filp->f_mode & FMODE_WRITE);
}
/*
diff --git a/drivers/staging/gasket/gasket_core.c
b/drivers/staging/gasket/gasket_core.c
index ba48a379b0ada..254fb392c05c1 100644
--- a/drivers/staging/gasket/gasket_core.c
+++ b/drivers/staging/gasket/gasket_core.c
@@ -1072,6 +1072,7 @@ static int gasket_open(struct inode *inode, struct file
*filp)
char task_name[TASK_COMM_LEN];
struct gasket_cdev_info *dev_info =
container_of(inode->i_cdev, struct gasket_cdev_info, cdev);
+ int is_root = capable(CAP_SYS_ADMIN);
gasket_dev = dev_info->gasket_dev_ptr;
driver_desc = gasket_dev->internal_desc->driver_desc;
@@ -1085,7 +1086,7 @@ static int gasket_open(struct inode *inode, struct file
*filp)
"Attempting to open with tgid %u (%s) (f_mode: 0%03o, "
"fmode_write: %d is_root: %u)",
current->tgid, task_name, filp->f_mode,
- (filp->f_mode & FMODE_WRITE), capable(CAP_SYS_ADMIN));
+ (filp->f_mode & FMODE_WRITE), is_root);
/* Always allow non-writing accesses. */
if (!(filp->f_mode & FMODE_WRITE)) {
@@ -1099,8 +1100,9 @@ static int gasket_open(struct inode *inode, struct file
*filp)
gasket_dev, "Current owner open count (owning tgid %u): %d.",
ownership->owner, ownership->write_open_count);
- /* Opening a node owned by another TGID is an error (even root.) */
- if (ownership->is_owned && ownership->owner != current->tgid) {
+ /* Opening a node owned by another TGID is an error (unless root) */
+ if (ownership->is_owned && ownership->owner != current->tgid &&
+ !is_root) {
gasket_log_error(
gasket_dev,
"Process %u is opening a node held by %u.",
diff --git a/drivers/staging/gasket/gasket_ioctl.c
b/drivers/staging/gasket/gasket_ioctl.c
index d0142ed048a65..8fd44979fe713 100644
--- a/drivers/staging/gasket/gasket_ioctl.c
+++ b/drivers/staging/gasket/gasket_ioctl.c
@@ -22,7 +22,7 @@
#define trace_gasket_ioctl_config_coherent_allocator(x, ...)
#endif
-static uint gasket_ioctl_check_permissions(struct file *filp, uint cmd);
+static bool gasket_ioctl_check_permissions(struct file *filp, uint cmd);
static int gasket_set_event_fd(struct gasket_dev *dev, ulong arg);
static int gasket_read_page_table_size(
struct gasket_dev *gasket_dev, ulong arg);
@@ -167,12 +167,13 @@ long gasket_is_supported_ioctl(uint cmd)
* @filp: File structure pointer describing this node usage session.
* @cmd: ioctl number to handle.
*
- * Standard permissions checker.
+ * Check permissions for Gasket ioctls.
+ * Returns true if the file opener may execute this ioctl, or false otherwise.
*/
-static uint gasket_ioctl_check_permissions(struct file *filp, uint cmd)
+static bool gasket_ioctl_check_permissions(struct file *filp, uint cmd)
{
- uint alive, root, device_owner;
- fmode_t read, write;
+ bool alive;
+ bool read, write;
struct gasket_dev *gasket_dev = (struct gasket_dev *)filp->private_data;
[PATCH 16/20] staging: gasket: always allow root open for write
From: Todd Poynor
Always allow root to open device for writing.
Drop special-casing of ioctl permissions for root vs. owner.
Convert to bool types as appropriate.
Reported-by: Dmitry Torokhov
Signed-off-by: Zhongze Hu
Signed-off-by: Todd Poynor
---
drivers/staging/gasket/apex_driver.c | 15 --
drivers/staging/gasket/gasket_core.c | 8 ---
drivers/staging/gasket/gasket_ioctl.c | 30 +--
3 files changed, 23 insertions(+), 30 deletions(-)
diff --git a/drivers/staging/gasket/apex_driver.c
b/drivers/staging/gasket/apex_driver.c
index a01b1f2b827ea..4c00f3609f081 100644
--- a/drivers/staging/gasket/apex_driver.c
+++ b/drivers/staging/gasket/apex_driver.c
@@ -140,7 +140,7 @@ static int apex_reset(struct gasket_dev *gasket_dev, uint
type);
static int apex_get_status(struct gasket_dev *gasket_dev);
-static uint apex_ioctl_check_permissions(struct file *file, uint cmd);
+static bool apex_ioctl_check_permissions(struct file *file, uint cmd);
static long apex_ioctl(struct file *file, uint cmd, ulong arg);
@@ -625,18 +625,11 @@ static bool is_gcb_in_reset(struct gasket_dev *gasket_dev)
* @file: File pointer from ioctl.
* @cmd: ioctl command.
*
- * Returns 1 if the current user may execute this ioctl, and 0 otherwise.
+ * Returns true if the current user may execute this ioctl, and false
otherwise.
*/
-static uint apex_ioctl_check_permissions(struct file *filp, uint cmd)
+static bool apex_ioctl_check_permissions(struct file *filp, uint cmd)
{
- struct gasket_dev *gasket_dev = filp->private_data;
- int root = capable(CAP_SYS_ADMIN);
- int is_owner = gasket_dev->dev_info.ownership.is_owned &&
- current->tgid == gasket_dev->dev_info.ownership.owner;
-
- if (root || is_owner)
- return 1;
- return 0;
+ return !!(filp->f_mode & FMODE_WRITE);
}
/*
diff --git a/drivers/staging/gasket/gasket_core.c
b/drivers/staging/gasket/gasket_core.c
index ba48a379b0ada..254fb392c05c1 100644
--- a/drivers/staging/gasket/gasket_core.c
+++ b/drivers/staging/gasket/gasket_core.c
@@ -1072,6 +1072,7 @@ static int gasket_open(struct inode *inode, struct file
*filp)
char task_name[TASK_COMM_LEN];
struct gasket_cdev_info *dev_info =
container_of(inode->i_cdev, struct gasket_cdev_info, cdev);
+ int is_root = capable(CAP_SYS_ADMIN);
gasket_dev = dev_info->gasket_dev_ptr;
driver_desc = gasket_dev->internal_desc->driver_desc;
@@ -1085,7 +1086,7 @@ static int gasket_open(struct inode *inode, struct file
*filp)
"Attempting to open with tgid %u (%s) (f_mode: 0%03o, "
"fmode_write: %d is_root: %u)",
current->tgid, task_name, filp->f_mode,
- (filp->f_mode & FMODE_WRITE), capable(CAP_SYS_ADMIN));
+ (filp->f_mode & FMODE_WRITE), is_root);
/* Always allow non-writing accesses. */
if (!(filp->f_mode & FMODE_WRITE)) {
@@ -1099,8 +1100,9 @@ static int gasket_open(struct inode *inode, struct file
*filp)
gasket_dev, "Current owner open count (owning tgid %u): %d.",
ownership->owner, ownership->write_open_count);
- /* Opening a node owned by another TGID is an error (even root.) */
- if (ownership->is_owned && ownership->owner != current->tgid) {
+ /* Opening a node owned by another TGID is an error (unless root) */
+ if (ownership->is_owned && ownership->owner != current->tgid &&
+ !is_root) {
gasket_log_error(
gasket_dev,
"Process %u is opening a node held by %u.",
diff --git a/drivers/staging/gasket/gasket_ioctl.c
b/drivers/staging/gasket/gasket_ioctl.c
index d0142ed048a65..8fd44979fe713 100644
--- a/drivers/staging/gasket/gasket_ioctl.c
+++ b/drivers/staging/gasket/gasket_ioctl.c
@@ -22,7 +22,7 @@
#define trace_gasket_ioctl_config_coherent_allocator(x, ...)
#endif
-static uint gasket_ioctl_check_permissions(struct file *filp, uint cmd);
+static bool gasket_ioctl_check_permissions(struct file *filp, uint cmd);
static int gasket_set_event_fd(struct gasket_dev *dev, ulong arg);
static int gasket_read_page_table_size(
struct gasket_dev *gasket_dev, ulong arg);
@@ -167,12 +167,13 @@ long gasket_is_supported_ioctl(uint cmd)
* @filp: File structure pointer describing this node usage session.
* @cmd: ioctl number to handle.
*
- * Standard permissions checker.
+ * Check permissions for Gasket ioctls.
+ * Returns true if the file opener may execute this ioctl, or false otherwise.
*/
-static uint gasket_ioctl_check_permissions(struct file *filp, uint cmd)
+static bool gasket_ioctl_check_permissions(struct file *filp, uint cmd)
{
- uint alive, root, device_owner;
- fmode_t read, write;
+ bool alive;
+ bool read, write;
struct gasket_dev *gasket_dev = (struct gasket_dev *)filp->private_data;
[PATCH 16/20] staging: gasket: always allow root open for write
From: Todd Poynor
Always allow root to open device for writing.
Drop special-casing of ioctl permissions for root vs. owner.
Convert to bool types as appropriate.
Reported-by: Dmitry Torokhov
Signed-off-by: Zhongze Hu
Signed-off-by: Todd Poynor
---
drivers/staging/gasket/apex_driver.c | 15 --
drivers/staging/gasket/gasket_core.c | 8 ---
drivers/staging/gasket/gasket_ioctl.c | 30 +--
3 files changed, 23 insertions(+), 30 deletions(-)
diff --git a/drivers/staging/gasket/apex_driver.c
b/drivers/staging/gasket/apex_driver.c
index a01b1f2b827ea..4c00f3609f081 100644
--- a/drivers/staging/gasket/apex_driver.c
+++ b/drivers/staging/gasket/apex_driver.c
@@ -140,7 +140,7 @@ static int apex_reset(struct gasket_dev *gasket_dev, uint
type);
static int apex_get_status(struct gasket_dev *gasket_dev);
-static uint apex_ioctl_check_permissions(struct file *file, uint cmd);
+static bool apex_ioctl_check_permissions(struct file *file, uint cmd);
static long apex_ioctl(struct file *file, uint cmd, ulong arg);
@@ -625,18 +625,11 @@ static bool is_gcb_in_reset(struct gasket_dev *gasket_dev)
* @file: File pointer from ioctl.
* @cmd: ioctl command.
*
- * Returns 1 if the current user may execute this ioctl, and 0 otherwise.
+ * Returns true if the current user may execute this ioctl, and false
otherwise.
*/
-static uint apex_ioctl_check_permissions(struct file *filp, uint cmd)
+static bool apex_ioctl_check_permissions(struct file *filp, uint cmd)
{
- struct gasket_dev *gasket_dev = filp->private_data;
- int root = capable(CAP_SYS_ADMIN);
- int is_owner = gasket_dev->dev_info.ownership.is_owned &&
- current->tgid == gasket_dev->dev_info.ownership.owner;
-
- if (root || is_owner)
- return 1;
- return 0;
+ return !!(filp->f_mode & FMODE_WRITE);
}
/*
diff --git a/drivers/staging/gasket/gasket_core.c
b/drivers/staging/gasket/gasket_core.c
index ba48a379b0ada..254fb392c05c1 100644
--- a/drivers/staging/gasket/gasket_core.c
+++ b/drivers/staging/gasket/gasket_core.c
@@ -1072,6 +1072,7 @@ static int gasket_open(struct inode *inode, struct file
*filp)
char task_name[TASK_COMM_LEN];
struct gasket_cdev_info *dev_info =
container_of(inode->i_cdev, struct gasket_cdev_info, cdev);
+ int is_root = capable(CAP_SYS_ADMIN);
gasket_dev = dev_info->gasket_dev_ptr;
driver_desc = gasket_dev->internal_desc->driver_desc;
@@ -1085,7 +1086,7 @@ static int gasket_open(struct inode *inode, struct file
*filp)
"Attempting to open with tgid %u (%s) (f_mode: 0%03o, "
"fmode_write: %d is_root: %u)",
current->tgid, task_name, filp->f_mode,
- (filp->f_mode & FMODE_WRITE), capable(CAP_SYS_ADMIN));
+ (filp->f_mode & FMODE_WRITE), is_root);
/* Always allow non-writing accesses. */
if (!(filp->f_mode & FMODE_WRITE)) {
@@ -1099,8 +1100,9 @@ static int gasket_open(struct inode *inode, struct file
*filp)
gasket_dev, "Current owner open count (owning tgid %u): %d.",
ownership->owner, ownership->write_open_count);
- /* Opening a node owned by another TGID is an error (even root.) */
- if (ownership->is_owned && ownership->owner != current->tgid) {
+ /* Opening a node owned by another TGID is an error (unless root) */
+ if (ownership->is_owned && ownership->owner != current->tgid &&
+ !is_root) {
gasket_log_error(
gasket_dev,
"Process %u is opening a node held by %u.",
diff --git a/drivers/staging/gasket/gasket_ioctl.c
b/drivers/staging/gasket/gasket_ioctl.c
index d0142ed048a65..8fd44979fe713 100644
--- a/drivers/staging/gasket/gasket_ioctl.c
+++ b/drivers/staging/gasket/gasket_ioctl.c
@@ -22,7 +22,7 @@
#define trace_gasket_ioctl_config_coherent_allocator(x, ...)
#endif
-static uint gasket_ioctl_check_permissions(struct file *filp, uint cmd);
+static bool gasket_ioctl_check_permissions(struct file *filp, uint cmd);
static int gasket_set_event_fd(struct gasket_dev *dev, ulong arg);
static int gasket_read_page_table_size(
struct gasket_dev *gasket_dev, ulong arg);
@@ -167,12 +167,13 @@ long gasket_is_supported_ioctl(uint cmd)
* @filp: File structure pointer describing this node usage session.
* @cmd: ioctl number to handle.
*
- * Standard permissions checker.
+ * Check permissions for Gasket ioctls.
+ * Returns true if the file opener may execute this ioctl, or false otherwise.
*/
-static uint gasket_ioctl_check_permissions(struct file *filp, uint cmd)
+static bool gasket_ioctl_check_permissions(struct file *filp, uint cmd)
{
- uint alive, root, device_owner;
- fmode_t read, write;
+ bool alive;
+ bool read, write;
struct gasket_dev *gasket_dev = (struct gasket_dev *)filp->private_data;
