Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp1214416imm;
        Sun, 15 Jul 2018 02:06:36 -0700 (PDT)
X-Google-Smtp-Source: AAOMgpdMIlhtxEOLoRdyGO3L03+ZDd+lHAK1rKjWAVYgCmH/HG3qrVPNfWHJx1ZaqlFG8SQ3m0QU
X-Received: by 2002:a63:e001:: with SMTP id e1-v6mr11783766pgh.380.1531645596580;
        Sun, 15 Jul 2018 02:06:36 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1531645596; cv=none;
        d=google.com; s=arc-20160816;
        b=0NiljUfwL9fRrQAdm+UJbnz9wfzs9Ur8paqpDv6EM4gB4fZ14VmCTVpno8CSGnAzBh
         imJ4VGpx632ElU2ml5wbSDvVJt8tmbNKNAu/5Cr2e2jVAArPX4CrOuaGgqFhfsFFIRym
         HPW7v3O7nk1BEKap6oEmni90HFf1th0Ap4uOzsSFGIoJbF4fXYOMWJFNjT/7CnQ/61ju
         0ySXcDOwPWvJdMCcEKaKj/BvHT3rY2frQx967/wACUrSuEobvRkp2X3CyPxkCuIS2ACm
         vrDOa0ZXsh2f01dfG1fBFks+DebH+ftOaSQNymsIQA/+Lt2WLdZl1kUmqkm9crYXQl5I
         H5Nw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:arc-authentication-results;
        bh=lQtgDKx+1M6esUdrXMVG8e+bbUKCtA289OKI51Hz1kA=;
        b=EyR+o5kyxhbFs/pBO4JvH4lmcli7Bv/hgRpbl35TnmQ+GKzI0NYhHhOXN+8nmId8YH
         0X5es+5GHM+HreOXIWGkf+Itm8nk1QrE9HtTSMA/JtVlkeUmsFMejeAdgJkutnYiCQsE
         NC274nt/ul6vMp+/zRCVtRVN3urdbBM5WtJDa5d6fuWa0sP5pZbYtziONZQkQEJwzs3X
         LSJZgflqpAjTQyMC9hUVYU+wMVy7E3NLVOVkjXl69oQIAHfzLyFvvxolmx0W0eEUtznF
         MAujDK9V0rEJG5XK7mJt7CnLwq72mpVRfPO9C8RKMTaHv1jN2NoNNtP965/k1l5EaHz4
         cNlw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id v129-v6si30693154pfc.330.2018.07.15.02.06.21;
        Sun, 15 Jul 2018 02:06:36 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726224AbeGOJ2C (ORCPT <rfc822;thunderbird.krnldev@gmail.com>
        + 99 others); Sun, 15 Jul 2018 05:28:02 -0400
Received: from mail.linuxfoundation.org ([140.211.169.12]:33994 "EHLO
        mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726032AbeGOJ2C (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sun, 15 Jul 2018 05:28:02 -0400
Received: from localhost (LFbn-1-12247-202.w90-92.abo.wanadoo.fr [90.92.61.202])
        by mail.linuxfoundation.org (Postfix) with ESMTPSA id B70DDA95;
        Sun, 15 Jul 2018 09:05:46 +0000 (UTC)
Date:   Sun, 15 Jul 2018 11:05:44 +0200
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     Todd Poynor <toddpoynor@gmail.com>
Cc:     Rob Springer <rspringer@google.com>,
        John Joseph <jnjoseph@google.com>,
        Ben Chan <benchan@chromium.org>, devel@driverdev.osuosl.org,
        Zhongze Hu <frankhu@chromium.org>,
        linux-kernel@vger.kernel.org, Simon Que <sque@chromium.org>,
        Guenter Roeck <groeck@chromium.org>,
        Todd Poynor <toddpoynor@google.com>,
        Dmitry Torokhov <dtor@chromium.org>
Subject: Re: [PATCH 11/18] staging: gasket: always allow root open for write
Message-ID: <20180715090544.GC23333@kroah.com>
References: <20180714055816.223754-1-toddpoynor@gmail.com>
 <20180714055816.223754-12-toddpoynor@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20180714055816.223754-12-toddpoynor@gmail.com>
User-Agent: Mutt/1.10.0 (2018-05-17)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Jul 13, 2018 at 10:58:09PM -0700, Todd Poynor wrote:
> From: Todd Poynor <toddpoynor@google.com>
> 
> Always allow root to open device for writing.
> 
> Drop special-casing of ioctl permissions for root vs. owner.
> 
> Reported-by: Dmitry Torokhov <dtor@chromium.org>
> Signed-off-by: Zhongze Hu <frankhu@chromium.org>
> Signed-off-by: Todd Poynor <toddpoynor@google.com>
> ---
>  drivers/staging/gasket/apex_driver.c  |  9 +++------
>  drivers/staging/gasket/gasket_core.c  |  8 +++++---
>  drivers/staging/gasket/gasket_ioctl.c | 15 ++++++---------
>  3 files changed, 14 insertions(+), 18 deletions(-)
> 
> diff --git a/drivers/staging/gasket/apex_driver.c b/drivers/staging/gasket/apex_driver.c
> index b1318482ba65..ffe11d8168ea 100644
> --- a/drivers/staging/gasket/apex_driver.c
> +++ b/drivers/staging/gasket/apex_driver.c
> @@ -644,13 +644,10 @@ static bool is_gcb_in_reset(struct gasket_dev *gasket_dev)
>  static uint apex_ioctl_check_permissions(struct file *filp, uint cmd)
>  {
>  	struct gasket_dev *gasket_dev = filp->private_data;
> -	int root = capable(CAP_SYS_ADMIN);
> -	int is_owner = gasket_dev->dev_info.ownership.is_owned &&
> -		       current->tgid == gasket_dev->dev_info.ownership.owner;
> +	fmode_t write;
>  
> -	if (root || is_owner)
> -		return 1;
> -	return 0;
> +	write = filp->f_mode & FMODE_WRITE;

Ok, this is insane.  You don't change, or check, the permissions on a
file handle while it is already open, as you only check the permissions
on OPEN, not on WRITE.  See the recent rant from Linus on the linux-api
list for yet-another-long-threaad in which he explains this.

So this whole ioctl can just be removed, it is totally crazy and wrong
and should just be removed.

Want me to go remove it right now?

thanks,

greg k-h