Received: by 2002:a19:771d:0:0:0:0:0 with SMTP id s29csp1242505lfc; Wed, 1 Jun 2022 12:51:19 -0700 (PDT) X-Google-Smtp-Source: ABdhPJz/UKY4/aEhsfBL0iaJIQBHEoAd6mKapFAfH/D14eM6yOnENDh+ruL4nXGrhNqVOauRxE6i X-Received: by 2002:a17:902:a9c9:b0:161:5b73:5ac9 with SMTP id b9-20020a170902a9c900b001615b735ac9mr1095557plr.14.1654113079513; Wed, 01 Jun 2022 12:51:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1654113079; cv=none; d=google.com; s=arc-20160816; b=VvI0VFPUmpxWTUGWYbdlLExJMqmh0RQLhZl3ARBvqw0fBRpTcWTcEbFKXsn/8rLWl3 SNZ1VrRoaKS6iRdrhY53TYY7CkOZNakYFk5eZ0U6UnJ0kPenGECzHxgyCSsbQVxXmbuI FY9kvRH82XRBQQuKSMMrYGKKp/igX+QZkOkyAf2sokfE2PnzJnkPMeyi4VNe3GjB8G3N Nxcyft0S5Gn95nEj8nfBmga2cKi8EPx08pfyf2b/KzXyrEao08bXes6lmioqO/HYXTO+ 8gpB8DR87CowtR0i8Bi6DMKFrM9w+vFxP8SW09lbDRSzZBL6kwQxN3NdmK8mqc93Kex3 I2Qg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:subject:from:cc:to :content-language:user-agent:mime-version:date:message-id :dkim-signature; bh=9K90yt7gi0QZROB3GtfrYs5hCiia1w1A1JaJHab+plo=; b=g4E1LaV+wHgVYJqKKLHGlbdRAJ1WYDFwKO/bJqf2fDjWz0vq+4pvCiWUIRnHBMK9hp Un2Xwfpojfisa/nJXWHNOJ6SYcBCLc+eh8dAdfqXw45PsRYig+vL64amHgneZ8AzkBrO iUy0GlKZMcZkwiHz+hJ4ObeVyUe2OVRSRpO71diaYqFBb+trOo9OPE6sLFQgYGbnDBsj IZ5hcpU/tYoBnLhHrikfYi0aZg2rHC5vH7EHEzQxRYv0jnTn22WY3gZUWejEEKMx1NjR JMcRFk0mmoGor2AnFKifcWH1pQZ/GknLMzfi3YGXjxeFx9tz1gV/hFRvPw14ESEq/6ip ziYw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@quicinc.com header.s=qcdkim header.b="xLiUL/CS"; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=quicinc.com Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19]) by mx.google.com with ESMTPS id p12-20020a62ab0c000000b0050df2e4ba29si2866951pff.139.2022.06.01.12.51.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Jun 2022 12:51:19 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19; Authentication-Results: mx.google.com; dkim=pass header.i=@quicinc.com header.s=qcdkim header.b="xLiUL/CS"; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=quicinc.com Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 949181F77D8; Wed, 1 Jun 2022 12:13:37 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345641AbiEaPZa (ORCPT + 99 others); Tue, 31 May 2022 11:25:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59348 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345597AbiEaPZ3 (ORCPT ); Tue, 31 May 2022 11:25:29 -0400 Received: from alexa-out-sd-01.qualcomm.com (alexa-out-sd-01.qualcomm.com [199.106.114.38]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 31C6D3617B; Tue, 31 May 2022 08:25:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; i=@quicinc.com; q=dns/txt; s=qcdkim; t=1654010728; x=1685546728; h=message-id:date:mime-version:to:cc:from:subject: content-transfer-encoding; bh=9K90yt7gi0QZROB3GtfrYs5hCiia1w1A1JaJHab+plo=; b=xLiUL/CSd4PnpzMlvc5uC8RsseA3pdVQ1nRwkFwoQKbKON97BIwCLqRp iaHoAZ7EOtHJQeiP3YuVfgObZUXCk6aM1MJgVqd0i+SEz73irrbGXakgG K0AKSB3ymXrs2tWzkINzA5U+dOFeMWzpF9uB92l6QRqL3JMHxjBBtrGYg I=; Received: from unknown (HELO ironmsg04-sd.qualcomm.com) ([10.53.140.144]) by alexa-out-sd-01.qualcomm.com with ESMTP; 31 May 2022 08:25:27 -0700 X-QCInternal: smtphost Received: from nasanex01b.na.qualcomm.com ([10.46.141.250]) by ironmsg04-sd.qualcomm.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 May 2022 08:25:27 -0700 Received: from [10.110.116.173] (10.80.80.8) by nasanex01b.na.qualcomm.com (10.46.141.250) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.22; Tue, 31 May 2022 08:25:26 -0700 Message-ID: <78873437-3b35-0711-a1dc-219b9f316fac@quicinc.com> Date: Tue, 31 May 2022 08:25:26 -0700 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.8.1 Content-Language: en-US To: , , , CC: From: Prasad Sodagudi Subject: [Query] Looking for comments on CONFIG_SPI_SPIDEV and CONFIG_I2C_CHARDEV interfaces security Content-Type: text/plain; charset="UTF-8"; format=flowed Content-Transfer-Encoding: 7bit X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01a.na.qualcomm.com (10.52.223.231) To nasanex01b.na.qualcomm.com (10.46.141.250) X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi All, I am working on an IoT solution and would like to understand security impact of these two CONFIG_SPI_SPIDEV and CONFIG_I2C_CHARDEV interfaces of Linux. If a driver is developed from userspace for /dev/spiX.Y or /dev/i2c interfaces, are there any security concerns ? Userspace driver is to control external SPI slave on board. I heard that these interfaces allows access to any of these type of devices on board. How to avoid accessing any of these type of unwanted device access from userspace ? Can Selinux or any mechanism control access to other these type of devices from user-space ? Please share your comments/findings on these two interfaces related to security. If community had posted any security related discussions with these interfaces, please share details to improve understanding. -Thanks, Prasad