Received: by 10.223.164.221 with SMTP id h29csp2961691wrb;
        Mon, 9 Oct 2017 14:26:30 -0700 (PDT)
X-Received: by 10.99.6.75 with SMTP id 72mr10187973pgg.350.1507584390365;
        Mon, 09 Oct 2017 14:26:30 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1507584390; cv=none;
        d=google.com; s=arc-20160816;
        b=SUZD+dyGSA6K7GjLrkB1nziFidSZ3Q1k1J+oR4WIa0KCR02271/zXHbq9z7u4bhEvF
         Uaw+iLrpwereBY7ws+YjboMrXrAO/3jnR45/8WCm2eyDUdqiB8fMTcZjsfLYNtOGYC4m
         wJCTAyE51k4qKpNODiLjgeB/7ts3WDUfXSD+Hy49T1gRxImotTN1sAWgcjlk3jxwWXAE
         HLvzSVs4m/Y93VzssF6i2b0pTv1o3dGQ/YrvHJYgF3J/qvQJzr+zp72O/oquP8phJ/80
         +399psfmRIpHF5swaG7fSc9COdDCCwuiXTT5lNXyGi36Fvdu+tz1vWbNvmdh2buIbCxn
         YuWg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:arc-authentication-results;
        bh=xLsGga6SxJgDA+YAePQEctrkjPFEB4gmbJ1JdP+I8eU=;
        b=djTMRb5O+Sl0/vrp5verMxVHGPTvWTYYDiUICeU6A30hIzfHXUs4H9zykMyoQZ599u
         6ovKKJz4A5nt6KBhXPGsDS8hogwe1p2fomk/MZAMrT6rJeQBRwIY0h80jFWdpcBXKwkW
         R/C6epsi9h/8Yg/R1fuif+CKsrJh6b1jgI5VYM4vi6O7dNoBUC/4dauaCcMDYVi9iR/e
         c9HVooPTjxO913T+rDjAAevQP/d5Q7OivNjG0nSpsZL9d7kUzoHegWMhg4fE565ahqbr
         SwfG723up+Ty0K/VtstWZAaoWPaa3mPqbLA2n2YK6AZwviHMD/q1vPNOJDtMndfvh9+x
         7M1Q==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 67si7743905pfp.406.2017.10.09.14.26.16;
        Mon, 09 Oct 2017 14:26:30 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1754485AbdJIVZx (ORCPT <rfc822;marvinzhang.kernel@gmail.com>
        + 99 others); Mon, 9 Oct 2017 17:25:53 -0400
Received: from mail-qk0-f171.google.com ([209.85.220.171]:48349 "EHLO
        mail-qk0-f171.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751156AbdJIVZw (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 9 Oct 2017 17:25:52 -0400
Received: by mail-qk0-f171.google.com with SMTP id d67so21483499qkg.5
        for <linux-kernel@vger.kernel.org>; Mon, 09 Oct 2017 14:25:51 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:subject:to:cc:references:from:message-id:date
         :user-agent:mime-version:in-reply-to:content-language
         :content-transfer-encoding;
        bh=xLsGga6SxJgDA+YAePQEctrkjPFEB4gmbJ1JdP+I8eU=;
        b=efkN6yujk/dsSv3PukKm9eCAsQH7sWCP11Iu7DHgVNxGN3HkBpHDvK6n+tkIgEHs/h
         H+QG+fQoFxZF9w4p8JTeGK6nlq+8qogNI7A0Oh0cRsct/8dGbGeEd9fpSh4Rn1IH71pL
         GQFxwLWWf96b+mL7FbCzoFRNaOap5Lxw6uTh6SzPaU6aGaUTdB01fSkqXIi0a1sVYCX/
         MDObKLon+sMJutnW0HWL/kNCQwXm/hOtgk6bekv4iZ4xqqhUOWix1sn3vPWp4JAIYoHu
         Nd56ths3A0zQnzmUnyu2BZa3X1rcrFNjGItAp9YtLJOkJo3/7STkuXqoTJubTh8xQkW0
         GWzA==
X-Gm-Message-State: AMCzsaU44gweT5rVX+k8cSe9CqzVSgBwu+TMk4DU10hyrFZd0i2q0OKH
        J2WT9VNNEA4bXxKz83zIGA0s4Q==
X-Google-Smtp-Source: AOwi7QDZH7APuZ7or+ao2tL371+rpDrPBV3ktQEG8gpsXQVEYpvzIhAcGsBHX9ocYPNwglYT5iU+Xg==
X-Received: by 10.55.26.91 with SMTP id a88mr7686821qka.11.1507584351397;
        Mon, 09 Oct 2017 14:25:51 -0700 (PDT)
Received: from ?IPv6:2601:602:9802:a8dc::e174? ([2601:602:9802:a8dc::e174])
        by smtp.gmail.com with ESMTPSA id p8sm5447064qki.57.2017.10.09.14.25.48
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Mon, 09 Oct 2017 14:25:50 -0700 (PDT)
Subject: Re: [PATCH v5 2/2] staging: ion: create one device entry per heap
To:     Benjamin Gaignard <benjamin.gaignard@linaro.org>,
        Mark Brown <broonie@kernel.org>
Cc:     Sandeep Patil <sspatil@google.com>,
        driverdevel <devel@driverdev.osuosl.org>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        =?UTF-8?Q?Arve_Hj=c3=b8nnev=c3=a5g?= <arve@android.com>,
        "dri-devel@lists.freedesktop.org" <dri-devel@lists.freedesktop.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Riley Andrews <riandrews@android.com>,
        linux-api@vger.kernel.org, Sumit Semwal <sumit.semwal@linaro.org>,
        Dan Carpenter <dan.carpenter@oracle.com>
References: <1506518409-16887-1-git-send-email-benjamin.gaignard@linaro.org>
 <1506518409-16887-3-git-send-email-benjamin.gaignard@linaro.org>
 <2e15edc2-a17f-3930-7d5b-4b5b7d2e0a4d@redhat.com>
 <20171003164849.rcdgez6lbpmq5llt@sirena.org.uk>
 <2417c969-357f-d5d9-153a-2180d09b0dc6@redhat.com>
 <20171003230830.GA132839@sspatil-desktop.mtv.corp.google.com>
 <20171004101720.ob5f467tro7agpcz@sirena.co.uk>
 <CA+M3ks5ZCUdTU5qU=Xi-MXXJQS6X-x=7qqs-5Myi7zeAAi8mJg@mail.gmail.com>
From:   Laura Abbott <labbott@redhat.com>
Message-ID: <e3f91eff-df33-e203-2ce2-1f1dc98236ef@redhat.com>
Date:   Mon, 9 Oct 2017 14:25:47 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.3.0
MIME-Version: 1.0
In-Reply-To: <CA+M3ks5ZCUdTU5qU=Xi-MXXJQS6X-x=7qqs-5Myi7zeAAi8mJg@mail.gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 10/05/2017 06:06 AM, Benjamin Gaignard wrote:
> 2017-10-04 12:17 GMT+02:00 Mark Brown <broonie@kernel.org>:
>> On Tue, Oct 03, 2017 at 04:08:30PM -0700, Sandeep Patil wrote:
>>
>>> It is entirely possible and easy in android/ueventd to create those nodes
>>> under "/dev/ion/".  (assuming the heap 'subsystem' for these new devices will
>>> point to 'ion').
> 
> I think it is the same problem than for webcam under v4l framework.
> Each time you plug a webcam you got a v4l node but android/uevent rules
> the plug order doesn't have impact.
> The same think will happen for ion nodes it may be even easier because
> the heap will always being created in the smae order for a given product
> configuration.
> 

Relying on the heap being created in the same order seems troublesome.
If for some reason it changes in the kernel we might break something
in userspace.

Anyway, to move this forward I think we need to see a proof of concept
of using selinux to protect access to specific heaps.

Thanks,
Laura

>>
>> The reason I didn't say /dev/ion/foo initially is that if people want to
>> keep the existing /dev/ion around for compatibility reasons then the
>> /dev/ion name isn't available which might cause issues.  Otherwise just
>> dumping everything under a directory (perhaps with a different name) was
>> my first thought as well.
>>
>>> (Also FWIW, the SELinux permissions are also possible with the current ion
>>> implementation by adding rules to disallow specific ioctls instead of adding
>>> permissions to access device node as this change would do)
>>
>> AIUI the request is to limit access to specific heaps, and obviously not
>> everyone wants to deal with SELinux at all.


From 1580423016029302759@xxx Thu Oct 05 13:07:19 +0000 2017
X-GM-THRID: 1579699119100728687
X-Gmail-Labels: Inbox,Category Forums