Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp330135imm; Sat, 14 Jul 2018 01:28:35 -0700 (PDT) X-Google-Smtp-Source: AAOMgpe5LDb2Dn0xb0SdPqIKBcluFzuJYEsl3LR/uKwbxMOnSAskVEKwERMbBgfQrkiFXw6FwxEq X-Received: by 2002:aa7:8645:: with SMTP id a5-v6mr10164838pfo.247.1531556915091; Sat, 14 Jul 2018 01:28:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1531556915; cv=none; d=google.com; s=arc-20160816; b=nAY1haTPLBkSNwHoI1Pf8jkC0RXnI/tk3EFMjATz36UVQxzrLtzOC9iU9dPaZg2s20 d/pa7p64Lu6zxdOLuMwfiE1ssTTMkrr9/3lHUssCsCveofl6v/Rd8sVTlpluOi+cDT/p FWRSod3+ym5e3BPc9YW75p2FG6xGUmbCkJf3GixoeLqJb6CS6xBEb46YS88zizocPZvJ mMZQrqnPgyfVtsyvvYo6sE/j901rFMamw7xo3JtDmgwso3pROLPBIU35fpsMO+cLCGoj d33YS6v7lT0jXMs7XQydLWQoHudGr6nmK024vHWAVs/DzMMvqtHUpmWg+FiXJ/wouzRx iZdw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature :arc-authentication-results; bh=X2xohJjmIwJsNrxjziaK4N4QIyVCKNt2hWRrYPzEKwI=; b=yQTBGxFF2J439MHowoMbrfEHTwkeiq0Dt8G5ITtOuFRL4//ncB6c6wMmgo6bXNi5Pz j3TLRELOwGoxDrZ39Yw/jAfz1e60xDO8BZNYTTBQCIMs1sCfEm8tjur8aPkQj+X3wxUw sfvhgOcrWJ0GCOajEsGgpvLhpbAOBKOyPJ4U2Qpw6akQ1nKcdDshxi7KK5UCzV+yT5zf 0N9EmAyiL8TSwoxbFNGWJ3d5du+hu/pM1mq4cFXkNsg9vrqc5+nS7VG//JxAHnv70Ygb 8YDjIQpKU9CduTrYKlHUeXXbqw/el7wmPXvTXSw1LpSkwY1sXA6rpnaSlPvqiUqSPRnS Z4Ew== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=cnhekdDl; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v16-v6si25303188plo.186.2018.07.14.01.28.19; Sat, 14 Jul 2018 01:28:35 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=cnhekdDl; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727046AbeGNIoT (ORCPT + 99 others); Sat, 14 Jul 2018 04:44:19 -0400 Received: from mail-ed1-f66.google.com ([209.85.208.66]:40789 "EHLO mail-ed1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726204AbeGNIoT (ORCPT ); Sat, 14 Jul 2018 04:44:19 -0400 Received: by mail-ed1-f66.google.com with SMTP id e19-v6so26267369edq.7 for ; Sat, 14 Jul 2018 01:26:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=X2xohJjmIwJsNrxjziaK4N4QIyVCKNt2hWRrYPzEKwI=; b=cnhekdDlXb778hu3c8B2XmDZkq7tDJ2C3VELEEkEYhOizc27WRCWLfB8hY0smC6AWe DQ8GrlgaBXdJbTjcq65ziA0TQTfLgkTxnYhD8zhuWOrMh6PFFaHKVWjQFUF6JE4QbV/R hhsM6ZuC/cbn2u3+8lLM+3hRK9OstvdM1clE4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=X2xohJjmIwJsNrxjziaK4N4QIyVCKNt2hWRrYPzEKwI=; b=KkdnScS4T7c6GgzQLznriVaHwabbfbFmQBuyqg7Ig6RFL2XtADnGkBkOdCfLjiFqy7 dCpB6B4jgXgXDK/vgmTCW1o8hWxWfygGDdeuH+byYfgEu1nQrPWyAWWhHvW1a/5MVWi+ nclzFkmVaUjVBMW7aD2HWFRX5BpVaH4Orh8f2wkQaTlgIC4A9zuEwR64BEhM0PHu3g0B GaQPqsxN2JvWbSuQZrQhfrp4CvYyZBVpylWJw6fAz1OeqPJi6Dxds+n36M5lPQfzs8ic 95/bOnJfdMhWcSOWw7r9G2KbSWqDu/pyzfcSDaIcbha/nukk6QZVckYxsL4WDzpXKBSP bL6Q== X-Gm-Message-State: AOUpUlH+v5U/Iq5J3RyKA1Yb30GYZZWrF1bDkKOermTloEHC9cXLCsUF SThFIAzL5lr3+JkEuYMXkGtt4VPzPMKKEQ== X-Received: by 2002:a50:8f05:: with SMTP id 5-v6mr9949210edy.192.1531556761218; Sat, 14 Jul 2018 01:26:01 -0700 (PDT) Received: from mail-wr1-f43.google.com (mail-wr1-f43.google.com. [209.85.221.43]) by smtp.gmail.com with ESMTPSA id h7-v6sm690175edj.82.2018.07.14.01.25.59 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 14 Jul 2018 01:26:00 -0700 (PDT) Received: by mail-wr1-f43.google.com with SMTP id b15-v6so27186884wrv.10 for ; Sat, 14 Jul 2018 01:25:59 -0700 (PDT) X-Received: by 2002:adf:ba12:: with SMTP id o18-v6mr7374943wrg.249.1531556759686; Sat, 14 Jul 2018 01:25:59 -0700 (PDT) MIME-Version: 1.0 References: <20180714055816.223754-1-toddpoynor@gmail.com> <20180714055816.223754-12-toddpoynor@gmail.com> In-Reply-To: <20180714055816.223754-12-toddpoynor@gmail.com> From: Dmitry Torokhov Date: Sat, 14 Jul 2018 11:25:47 +0300 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 11/18] staging: gasket: always allow root open for write To: toddpoynor@gmail.com Cc: rspringer@google.com, jnjoseph@google.com, benchan@chromium.org, Greg Kroah-Hartman , frankhu@chromium.org, Simon Que , Guenter Roeck , devel@driverdev.osuosl.org, lkml , toddpoynor@google.com Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, Jul 14, 2018 at 8:58 AM Todd Poynor wrote: > > From: Todd Poynor > > Always allow root to open device for writing. > > Drop special-casing of ioctl permissions for root vs. owner. > > Reported-by: Dmitry Torokhov > Signed-off-by: Zhongze Hu > Signed-off-by: Todd Poynor I think this patch is good as is, but as a followup you should create a patch that supports user namespaces, i.e. replaces capable(CAP_SYS_ADMIN) with ns_capable(...) in gasket_open() so you can allow containers to control the device, if necessary. Reviewed-by: Dmitry Torokhov Thanks, Dmitry