From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0EBF9C00140 for ; Thu, 18 Aug 2022 21:46:22 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 9C4418D0002; Thu, 18 Aug 2022 17:46:21 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 973ED8D0001; Thu, 18 Aug 2022 17:46:21 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 83B358D0002; Thu, 18 Aug 2022 17:46:21 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 7428C8D0001 for ; Thu, 18 Aug 2022 17:46:21 -0400 (EDT) Received: from smtpin26.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id 3DA4B161BEE for ; Thu, 18 Aug 2022 21:46:21 +0000 (UTC) X-FDA: 79814047362.26.E1358ED Received: from mail-il1-f172.google.com (mail-il1-f172.google.com [209.85.166.172]) by imf02.hostedemail.com (Postfix) with ESMTP id DBFBF85678 for ; Thu, 18 Aug 2022 21:34:38 +0000 (UTC) Received: by mail-il1-f172.google.com with SMTP id b15so1457213ilq.10 for ; Thu, 18 Aug 2022 14:34:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc; bh=Bd32rmK/FOJLR3DhtOUdTvKf+a9Teo/sBKjuQ/ElSZg=; b=XlCrOgXemDYs5Gm1ZIOksFTqGZKJJh1hGJ5FiZ/gBNvZlCJoKWIFIhrOP6jcsNcZg8 nsUv5cuyppKGA9pojhWsrVbxqQNk9M+rs6BsIhJvbCKfFS7En6R216VnbucNPbV6UqJu gFhqNjW0Z3wyX/v6unNEZXn/nYFuw58v1FdugaIM8korrBWM0ULmCWalgxkcsTvstTYF 2dpqn3K+xtvSW+ChNPAlFgqvqaJcQR1TiMmUcWlah6pmdFqo7CJY1Lhcjc2my+dwuDFF He4LDfJIcqaWnuQBMW0MitXidT3AJ0yuvz4ZsinCZ3Oz4svSW745OwxEYBDWuSYgJjBb 0gAg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc; bh=Bd32rmK/FOJLR3DhtOUdTvKf+a9Teo/sBKjuQ/ElSZg=; b=OeqII0tDiYFkHAYHmvh0qxEH3xHMfm89l7nWqx9Pj4Jjy6HV7wFDT7KtX0DEk6fF8f J3mNusMCQoXZvHcUSSl8f9qrQZkollye2+P5W8RB2BuD1eVfs5hzD34xOvDjaS7n1zsD z6OZ132Z7Nfjl4nZrcwJ6sIiLnsIm+uPE60zKsJ5e6HOx4zhMHowuLpDKs6hxyhxKLqs uCBdPWXwhwvNokSDh57w5QcjBMqqVhxcVy/NApLr4b3Rh5UszVsj0J4ytU3ZUcuda9xM iiAkgpOCF9FrmuUiXgdXOtQEZ8jZVDsjvVWwiW6wde/SHc5Oq0qLaJMfmtTsKzPlO3PZ hsdg== X-Gm-Message-State: ACgBeo3l9H5TicaHqkThZwJNFitXyEh4LoezNB/hA/EUK76PPx+VrlnF TXBbsFjw7+PVCiBdtSdLRFiRVzVteqcExW50KiL8PGASPZUmYg== X-Google-Smtp-Source: AA6agR7BxSEK9TZMmEIhvaOX697zBF3ihw3R6j2eoMtnNit2ewt69TP6LFyP0vkczM3B3jRpPt3WlelDN3UHLFuji6A= X-Received: by 2002:a05:6602:2f03:b0:678:9c7c:97a5 with SMTP id q3-20020a0566022f0300b006789c7c97a5mr1830797iow.32.1660843383117; Thu, 18 Aug 2022 10:23:03 -0700 (PDT) MIME-Version: 1.0 References: <20220817214728.489904-1-axelrasmussen@google.com> <20220817214728.489904-3-axelrasmussen@google.com> In-Reply-To: From: Axel Rasmussen Date: Thu, 18 Aug 2022 10:22:27 -0700 Message-ID: Subject: Re: [PATCH v6 2/5] userfaultfd: add /dev/userfaultfd for fine grained access control To: Greg KH Cc: Alexander Viro , Andrew Morton , Dave Hansen , "Dmitry V . Levin" , Gleb Fotengauer-Malinovskiy , Hugh Dickins , Jan Kara , Jonathan Corbet , Mel Gorman , Mike Kravetz , Mike Rapoport , Nadav Amit , Peter Xu , Shuah Khan , Suren Baghdasaryan , Vlastimil Babka , zhangyi , linux-doc@vger.kernel.org, linux-fsdevel , LKML , Linuxkselftest , Linux MM , linux-security-module@vger.kernel.org, Mike Rapoport Content-Type: text/plain; charset="UTF-8" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1660858478; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=Bd32rmK/FOJLR3DhtOUdTvKf+a9Teo/sBKjuQ/ElSZg=; b=K3le+0GjgIFZqlKH6OAnA991rxy5CgrBAwODGdnu1TEcQu8rVoaSpfIiBme65yQBo10W7J YJqsLLVeFld3UpRUsKQEFX6gwBWKqI8Ae33PnycrHO175hEzCt9GKvbTbb99alZPB33qP6 uX+Ug0IC89+no5dY9HHUqSWM/IRDxKo= ARC-Authentication-Results: i=1; imf02.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b=XlCrOgXe; spf=pass (imf02.hostedemail.com: domain of axelrasmussen@google.com designates 209.85.166.172 as permitted sender) smtp.mailfrom=axelrasmussen@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1660858478; a=rsa-sha256; cv=none; b=ZaIPCO84nGddc10C7SchrvVRpBZcQs4ApXXsJTbIQ8FbE64Ok+U543taI6hUAFhyYq2GvL RYNMg8z72BrxmFGWsHhegkFRN/70ZQ3wPhyyOYeYHBMmiKayEdJIfaRMidghx29swlW7zh KIMzxd1WjlJFpk90yuTwYGvp5VZIPPE= X-Stat-Signature: 5tpehmizqxsrt7dg8jkmw54pssqibwns X-Rspamd-Queue-Id: DBFBF85678 X-Rspam-User: Authentication-Results: imf02.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b=XlCrOgXe; spf=pass (imf02.hostedemail.com: domain of axelrasmussen@google.com designates 209.85.166.172 as permitted sender) smtp.mailfrom=axelrasmussen@google.com; dmarc=pass (policy=reject) header.from=google.com X-Rspamd-Server: rspam10 X-HE-Tag: 1660858478-382456 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Wed, Aug 17, 2022 at 11:32 PM Greg KH wrote: > > On Thu, Aug 18, 2022 at 08:26:38AM +0200, Greg KH wrote: > > On Wed, Aug 17, 2022 at 02:47:25PM -0700, Axel Rasmussen wrote: > > > +static int userfaultfd_dev_open(struct inode *inode, struct file *file) > > > +{ > > > + return 0; > > > > If your open does nothing, no need to list it here at all, right? > > > > > +} > > > + > > > +static long userfaultfd_dev_ioctl(struct file *file, unsigned int cmd, unsigned long flags) > > > +{ > > > + if (cmd != USERFAULTFD_IOC_NEW) > > > + return -EINVAL; > > > + > > > + return new_userfaultfd(flags); > > > +} > > > + > > > +static const struct file_operations userfaultfd_dev_fops = { > > > + .open = userfaultfd_dev_open, > > > + .unlocked_ioctl = userfaultfd_dev_ioctl, > > > + .compat_ioctl = userfaultfd_dev_ioctl, > > > > Why do you need to set compat_ioctl? Shouldn't it just default to the > > existing one? > > > > And why is this a device node at all? Shouldn't the syscall handle all > > of this (to be honest, I didn't read anything but the misc code, sorry.) > > Ah, read the documentation now. Seems you want to make it easier for > people to get permissions on a system. Doesn't seem wise, but hey, it's > not my feature... Thanks for taking a look Greg! WIth the syscall, the only way to get access to this feature is to have CAP_SYS_PTRACE. Which gives you access to this, *plus* a bunch more stuff. My basic goal is to grant access to just this feature by itself, not really just to make it easier to access. I think a device node is the simplest way to achieve that (see the cover letter for considered alternatives). The other feedback looks like good simplification to me - I'll send another version with those changes. I have to admit this is the first time I've messed with misc device nodes, so apologies for being overly explicit. :) > > thanks, > > greg k-h