mbox series

[0/2] USB: core: add a way to revoke access to open USB devices

Message ID 20220809094300.83116-1-hadess@hadess.net (mailing list archive)
Headers show
Series USB: core: add a way to revoke access to open USB devices | expand

Message

Bastien Nocera Aug. 9, 2022, 9:42 a.m. UTC
BPF list, first CC: here, I hope the commit messages are clear enough to
understand the purpose of the patchset. If not, your comments would be
greatly appreciated so I can make the commit messages self-explanatory.

Eric, what would be the right identifier to use for a specific user
namespace that userspace could find out? I know the PIDs of the
bubblewrap processes that created those user namespaces, would those be
good enough?

Changes since v2:
- Changed the internal API to pass a struct usb_device
- Fixed potential busy loop in user-space when revoking access to a
  device

Bastien Nocera (2):
  USB: core: add a way to revoke access to open USB devices
  usb: Implement usb_revoke() BPF function

 drivers/usb/core/devio.c | 79 ++++++++++++++++++++++++++++++++++++++--
 drivers/usb/core/usb.c   | 51 ++++++++++++++++++++++++++
 drivers/usb/core/usb.h   |  2 +
 3 files changed, 128 insertions(+), 4 deletions(-)

Comments

Greg Kroah-Hartman Aug. 9, 2022, 10:31 a.m. UTC | #1
On Tue, Aug 09, 2022 at 11:42:58AM +0200, Bastien Nocera wrote:
> BPF list, first CC: here, I hope the commit messages are clear enough to
> understand the purpose of the patchset. If not, your comments would be
> greatly appreciated so I can make the commit messages self-explanatory.
> 
> Eric, what would be the right identifier to use for a specific user
> namespace that userspace could find out? I know the PIDs of the
> bubblewrap processes that created those user namespaces, would those be
> good enough?
> 
> Changes since v2:
> - Changed the internal API to pass a struct usb_device
> - Fixed potential busy loop in user-space when revoking access to a
>   device
> 
> Bastien Nocera (2):
>   USB: core: add a way to revoke access to open USB devices
>   usb: Implement usb_revoke() BPF function
> 
>  drivers/usb/core/devio.c | 79 ++++++++++++++++++++++++++++++++++++++--
>  drivers/usb/core/usb.c   | 51 ++++++++++++++++++++++++++
>  drivers/usb/core/usb.h   |  2 +
>  3 files changed, 128 insertions(+), 4 deletions(-)
> 
> -- 
> 2.37.1
> 

You say "changes since v2", but have no version identifier on this
series at all :(
Bastien Nocera Aug. 9, 2022, 11:15 a.m. UTC | #2
On Tue, 2022-08-09 at 12:31 +0200, Greg Kroah-Hartman wrote:
> On Tue, Aug 09, 2022 at 11:42:58AM +0200, Bastien Nocera wrote:
> > BPF list, first CC: here, I hope the commit messages are clear
> > enough to
> > understand the purpose of the patchset. If not, your comments would
> > be
> > greatly appreciated so I can make the commit messages self-
> > explanatory.
> > 
> > Eric, what would be the right identifier to use for a specific user
> > namespace that userspace could find out? I know the PIDs of the
> > bubblewrap processes that created those user namespaces, would
> > those be
> > good enough?
> > 
> > Changes since v2:
> > - Changed the internal API to pass a struct usb_device
> > - Fixed potential busy loop in user-space when revoking access to a
> >   device
> > 
> > Bastien Nocera (2):
> >   USB: core: add a way to revoke access to open USB devices
> >   usb: Implement usb_revoke() BPF function
> > 
> >  drivers/usb/core/devio.c | 79
> > ++++++++++++++++++++++++++++++++++++++--
> >  drivers/usb/core/usb.c   | 51 ++++++++++++++++++++++++++
> >  drivers/usb/core/usb.h   |  2 +
> >  3 files changed, 128 insertions(+), 4 deletions(-)
> > 
> > -- 
> > 2.37.1
> > 
> 
> You say "changes since v2", but have no version identifier on this
> series at all :(

It was sent as "RFC v2" under the same name. This is v3.

Sorry, but this will probably keep happening until the tools folks have
to use for kernel development aren't as clunky as they are now...
Greg Kroah-Hartman Aug. 9, 2022, 11:29 a.m. UTC | #3
On Tue, Aug 09, 2022 at 01:15:38PM +0200, Bastien Nocera wrote:
> Sorry, but this will probably keep happening until the tools folks have
> to use for kernel development aren't as clunky as they are now...

It's an editor, you can get them to do anything you want to do, they are
not clunky...
Eric W. Biederman Aug. 9, 2022, 5:25 p.m. UTC | #4
Bastien Nocera <hadess@hadess.net> writes:

> BPF list, first CC: here, I hope the commit messages are clear enough to
> understand the purpose of the patchset. If not, your comments would be
> greatly appreciated so I can make the commit messages self-explanatory.
>
> Eric, what would be the right identifier to use for a specific user
> namespace that userspace could find out? I know the PIDs of the
> bubblewrap processes that created those user namespaces, would those be
> good enough?

A namespace file descriptor would work. AKA The result of
opening /proc/<pid>/ns/user.

I assume you are asking so that you can filter the set of file
descriptors to revoked not by user but by user namespace.

Eric



> Changes since v2:
> - Changed the internal API to pass a struct usb_device
> - Fixed potential busy loop in user-space when revoking access to a
>   device
>
> Bastien Nocera (2):
>   USB: core: add a way to revoke access to open USB devices
>   usb: Implement usb_revoke() BPF function
>
>  drivers/usb/core/devio.c | 79 ++++++++++++++++++++++++++++++++++++++--
>  drivers/usb/core/usb.c   | 51 ++++++++++++++++++++++++++
>  drivers/usb/core/usb.h   |  2 +
>  3 files changed, 128 insertions(+), 4 deletions(-)