| Message ID | 20220628041527.742333-6-ira.weiny@intel.com |
|---|---|
| State | Superseded |
| Headers | show |
| Series | CXL: Read CDAT and DSMAS data | expand |
On Mon, Jun 27, 2022 at 09:15:23PM -0700, ira.weiny@intel.com wrote: > From: Ira Weiny <ira.weiny@intel.com> > > Many binary attributes need to limit access to CAP_SYS_ADMIN only; ie > many binary attributes specify is_visible with 0400 or 0600. > > Make setting the permissions of such attributes more explicit by > defining BIN_ATTR_ADMIN_{RO,RW}. > > Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> > Cc: Bjorn Helgaas <bhelgaas@google.com> > Signed-off-by: Ira Weiny <ira.weiny@intel.com> Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
On Mon, Jun 27, 2022 at 09:15:23PM -0700, Ira wrote: > From: Ira Weiny <ira.weiny@intel.com> > > Many binary attributes need to limit access to CAP_SYS_ADMIN only; ie > many binary attributes specify is_visible with 0400 or 0600. > > Make setting the permissions of such attributes more explicit by > defining BIN_ATTR_ADMIN_{RO,RW}. > > Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> > Cc: Bjorn Helgaas <bhelgaas@google.com> This should have had a suggested by tag on it. I'm hoping that Lore will pick it up with this email. Suggested-by: Dan Williams <dan.j.williams@intel.com> My apologies to Dan. Ira > Signed-off-by: Ira Weiny <ira.weiny@intel.com> > > --- > Changes from V11: > New Patch > --- > include/linux/sysfs.h | 16 ++++++++++++++++ > 1 file changed, 16 insertions(+) > > diff --git a/include/linux/sysfs.h b/include/linux/sysfs.h > index e3f1e8ac1f85..fd3fe5c8c17f 100644 > --- a/include/linux/sysfs.h > +++ b/include/linux/sysfs.h > @@ -235,6 +235,22 @@ struct bin_attribute bin_attr_##_name = __BIN_ATTR_WO(_name, _size) > #define BIN_ATTR_RW(_name, _size) \ > struct bin_attribute bin_attr_##_name = __BIN_ATTR_RW(_name, _size) > > + > +#define __BIN_ATTR_ADMIN_RO(_name, _size) { \ > + .attr = { .name = __stringify(_name), .mode = 0400 }, \ > + .read = _name##_read, \ > + .size = _size, \ > +} > + > +#define __BIN_ATTR_ADMIN_RW(_name, _size) \ > + __BIN_ATTR(_name, 0600, _name##_read, _name##_write, _size) > + > +#define BIN_ATTR_ADMIN_RO(_name, _size) \ > +struct bin_attribute bin_attr_##_name = __BIN_ATTR_ADMIN_RO(_name, _size) > + > +#define BIN_ATTR_ADMIN_RW(_name, _size) \ > +struct bin_attribute bin_attr_##_name = __BIN_ATTR_ADMIN_RW(_name, _size) > + > struct sysfs_ops { > ssize_t (*show)(struct kobject *, struct attribute *, char *); > ssize_t (*store)(struct kobject *, struct attribute *, const char *, size_t); > -- > 2.35.3 >
[+cc Krzysztof] On Mon, Jun 27, 2022 at 09:15:23PM -0700, ira.weiny@intel.com wrote: > From: Ira Weiny <ira.weiny@intel.com> > > Many binary attributes need to limit access to CAP_SYS_ADMIN only; ie > many binary attributes specify is_visible with 0400 or 0600. > > Make setting the permissions of such attributes more explicit by > defining BIN_ATTR_ADMIN_{RO,RW}. > > Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> > Cc: Bjorn Helgaas <bhelgaas@google.com> > Signed-off-by: Ira Weiny <ira.weiny@intel.com> FWIW, this looks a lot like this previous patch: https://lore.kernel.org/all/20210416205856.3234481-7-kw@linux.com/ > --- > Changes from V11: > New Patch > --- > include/linux/sysfs.h | 16 ++++++++++++++++ > 1 file changed, 16 insertions(+) > > diff --git a/include/linux/sysfs.h b/include/linux/sysfs.h > index e3f1e8ac1f85..fd3fe5c8c17f 100644 > --- a/include/linux/sysfs.h > +++ b/include/linux/sysfs.h > @@ -235,6 +235,22 @@ struct bin_attribute bin_attr_##_name = __BIN_ATTR_WO(_name, _size) > #define BIN_ATTR_RW(_name, _size) \ > struct bin_attribute bin_attr_##_name = __BIN_ATTR_RW(_name, _size) > > + > +#define __BIN_ATTR_ADMIN_RO(_name, _size) { \ > + .attr = { .name = __stringify(_name), .mode = 0400 }, \ > + .read = _name##_read, \ > + .size = _size, \ > +} > + > +#define __BIN_ATTR_ADMIN_RW(_name, _size) \ > + __BIN_ATTR(_name, 0600, _name##_read, _name##_write, _size) > + > +#define BIN_ATTR_ADMIN_RO(_name, _size) \ > +struct bin_attribute bin_attr_##_name = __BIN_ATTR_ADMIN_RO(_name, _size) > + > +#define BIN_ATTR_ADMIN_RW(_name, _size) \ > +struct bin_attribute bin_attr_##_name = __BIN_ATTR_ADMIN_RW(_name, _size) > + > struct sysfs_ops { > ssize_t (*show)(struct kobject *, struct attribute *, char *); > ssize_t (*store)(struct kobject *, struct attribute *, const char *, size_t); > -- > 2.35.3 >
diff --git a/include/linux/sysfs.h b/include/linux/sysfs.h index e3f1e8ac1f85..fd3fe5c8c17f 100644 --- a/include/linux/sysfs.h +++ b/include/linux/sysfs.h @@ -235,6 +235,22 @@ struct bin_attribute bin_attr_##_name = __BIN_ATTR_WO(_name, _size) #define BIN_ATTR_RW(_name, _size) \ struct bin_attribute bin_attr_##_name = __BIN_ATTR_RW(_name, _size) + +#define __BIN_ATTR_ADMIN_RO(_name, _size) { \ + .attr = { .name = __stringify(_name), .mode = 0400 }, \ + .read = _name##_read, \ + .size = _size, \ +} + +#define __BIN_ATTR_ADMIN_RW(_name, _size) \ + __BIN_ATTR(_name, 0600, _name##_read, _name##_write, _size) + +#define BIN_ATTR_ADMIN_RO(_name, _size) \ +struct bin_attribute bin_attr_##_name = __BIN_ATTR_ADMIN_RO(_name, _size) + +#define BIN_ATTR_ADMIN_RW(_name, _size) \ +struct bin_attribute bin_attr_##_name = __BIN_ATTR_ADMIN_RW(_name, _size) + struct sysfs_ops { ssize_t (*show)(struct kobject *, struct attribute *, char *); ssize_t (*store)(struct kobject *, struct attribute *, const char *, size_t);