Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp2791968imm; Mon, 16 Jul 2018 14:23:09 -0700 (PDT) X-Google-Smtp-Source: AAOMgpcryoPt93BNj32Z0Huw12eNJ3tXcC+5Y2yvbTE8ER4+QWccpUg51CmOtG6JGuxd5LGeK6K+ X-Received: by 2002:a17:902:b944:: with SMTP id h4-v6mr17810559pls.157.1531776189729; Mon, 16 Jul 2018 14:23:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1531776189; cv=none; d=google.com; s=arc-20160816; b=Ex4XOksCb5VyEDqzkocLvbW/UTOA31sYNK55+bJD4w8fM5z0vEwormqfvuXUFkJ/3I UzuhcvBEHxqdPS+RDnBSfv3A78ndckzzC0U34t/SGEXLeErKIpMEQq54FXdbCLywJtDH EPRSBVyid72/9MwAzBD/I03LIoR2lD3Ou2MaMJAcWgezeJO8nMuQevU91rPHLthHmhhr lpPg2d5dhjk8LIwVmtfBjh75Ku1YCG0fTMwrCJ398knx5CUDqAOzRJ8dJ9rzq65bcTnb +uULiqPsPiOukxxsNj+7wPhZUX93g2TrXj+juHoTrR2mJ3bSnjBY/EF1/JOpD5R+V3hU YahA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=uP6e0Z0pvJvyUAQDYAM/zoFR5JtkAnySkd70fHejRhU=; b=OEmkZFPog6YhTiyQf0in7RVwABmP7cLf74STtAjaeh3VFw7WSgk/RW57dnmmfWteG2 ALaxBYJeg25iD5pdvF/hM+fg/aahQGzf+HUVXtntM+6ss+4PKRNxbsTO2JnTTqIyOu+Z 1DWI3natbkbfaKsnY4k1EbFPNQFqzB+WThHlE1va3IsfgaJK3MxlhoebzjUQVgBNJ0RL u2D0fFSDKx4+mIU8IAzU1wQNfEV00PhBXdSAfvRoknow4E1T1G7ONqAPH/158Qz0j7zm GKa3F9wpivtmlz94GfjRvmPI9nT6x1f6uZnPg7EqAmVJbvcedTCrYipFHokx5eSMc78G zVcQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=lRIehX0Y; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v188-v6si32312650pfb.126.2018.07.16.14.22.55; Mon, 16 Jul 2018 14:23:09 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=lRIehX0Y; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729778AbeGPVv1 (ORCPT + 99 others); Mon, 16 Jul 2018 17:51:27 -0400 Received: from mail-yw0-f196.google.com ([209.85.161.196]:33188 "EHLO mail-yw0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728300AbeGPVv1 (ORCPT ); Mon, 16 Jul 2018 17:51:27 -0400 Received: by mail-yw0-f196.google.com with SMTP id c135-v6so14727823ywa.0 for ; Mon, 16 Jul 2018 14:22:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=uP6e0Z0pvJvyUAQDYAM/zoFR5JtkAnySkd70fHejRhU=; b=lRIehX0YWEM/kEZJD6rCjjPfqxpQ2+YMkjDnRTHNBR+vTRFdQcLylIs31IOqJnbT2Z cWGrjKoMnPNSRJ0pIWAlAoZIn2Mx5387dPZxmOkapWbC372xlLLeh2jtBXGlQG4pG8C3 n6fVCvOI8hz2+4gLRFm7XHIAc5GeSJ8G26NWkx6veurjhsB17RXQB77T6MyXygsvA2V6 b0nG0MP5huGqyQl7ac0aebS4iUPnKTCQSyhvhkSO84zPzpxOmcIlVNK+1hmj+cEM+OcC XTHuTZXLFtiyngBLNn+zd3yN9XatVpclKvj0hgmiunutpggdejVMA7lw0xzsetJ8eR3d 2s0Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=uP6e0Z0pvJvyUAQDYAM/zoFR5JtkAnySkd70fHejRhU=; b=nbp6f2qJgCnxjxVMxB4xiH2fehybS9ctFiiBXxXWtu8y7cg4ApfxgwR2Tc2Sgmzq3s qn4ckrdkVFOKsk+m1MjHxfU9F75fR0SjNSXqhZMPzkOc51KRc4bLTecIM4UbrPVf2k13 zSnZ4S5SnAqMiloBRlR0rpCVFFmjUcLNiE+VlPBrAcZo9FQaJFYJF/j6i7vNns8sOz1q 9ISUEdIwdo7ixnv8AnXQ3tUINYsj+NLa8E3b97D8X5LZNd5zvze8H4LBKPShklZBoKfj 1nz0gkY2+ayqYRiQhhGq6MxLApOw6ucGmBoOgbE3HVe6skTlbx64ehaJ7LPfvKiW7Vty 0s4A== X-Gm-Message-State: AOUpUlEsfq33LSfAJ67JhaPueUcJAooCOb2RPjcRLuzIC4BG22f6DTiJ kE49tNRMMKhWS/uSPNYFTlQHCr0i2kuy4AJACcM= X-Received: by 2002:a81:2309:: with SMTP id j9-v6mr9146942ywj.261.1531776132647; Mon, 16 Jul 2018 14:22:12 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a25:5e42:0:0:0:0:0 with HTTP; Mon, 16 Jul 2018 14:22:12 -0700 (PDT) In-Reply-To: References: <20180714055816.223754-1-toddpoynor@gmail.com> <20180714055816.223754-12-toddpoynor@gmail.com> From: Todd Poynor Date: Mon, 16 Jul 2018 14:22:12 -0700 Message-ID: Subject: Re: [PATCH 11/18] staging: gasket: always allow root open for write To: Dmitry Torokhov Cc: Rob Springer , John Joseph , Ben Chan , Greg Kroah-Hartman , Zhongze Hu , Simon Que , Guenter Roeck , devel@driverdev.osuosl.org, lkml , Todd Poynor Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, Jul 14, 2018 at 1:25 AM, Dmitry Torokhov wrote: > On Sat, Jul 14, 2018 at 8:58 AM Todd Poynor wrote: >> >> From: Todd Poynor >> >> Always allow root to open device for writing. >> >> Drop special-casing of ioctl permissions for root vs. owner. >> >> Reported-by: Dmitry Torokhov >> Signed-off-by: Zhongze Hu >> Signed-off-by: Todd Poynor > > I think this patch is good as is, but as a followup you should create > a patch that supports user namespaces, i.e. replaces > capable(CAP_SYS_ADMIN) with ns_capable(...) in gasket_open() so you > can allow containers to control the device, if necessary. Thanks, I'll add that to the list. > > Reviewed-by: Dmitry Torokhov > > Thanks, > Dmitry -- Todd