From: Dan Williams <dan.j.williams@intel.com>
To: linux-nvdimm@lists.01.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
"Rafael J. Wysocki" <rafael.j.wysocki@intel.com>,
linux-acpi@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH v2 08/12] driver-core: Introduce DEVICE_ATTR_ADMIN_{RO,RW}
Date: Mon, 06 Jul 2020 18:59:16 -0700 [thread overview]
Message-ID: <159408715653.2385045.10226724984566744787.stgit@dwillia2-desk3.amr.corp.intel.com> (raw)
In-Reply-To: <159408711335.2385045.2567600405906448375.stgit@dwillia2-desk3.amr.corp.intel.com>
A common pattern for using plain DEVICE_ATTR() instead of
DEVICE_ATTR_RO() and DEVICE_ATTR_RW() is for attributes that want to
limit read to only root. I.e. many users of DEVICE_ATTR() are
specifying 0400 or 0600 for permissions.
Given the expectation that CAP_SYS_ADMIN is needed to access these
sensitive attributes add an explicit helper with the _ADMIN_ identifier
for DEVICE_ATTR_ADMIN_{RO,RW}.
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: "Rafael J. Wysocki" <rafael.j.wysocki@intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
---
include/linux/device.h | 4 ++++
include/linux/sysfs.h | 7 +++++++
2 files changed, 11 insertions(+)
diff --git a/include/linux/device.h b/include/linux/device.h
index 15460a5ac024..d7c2570368fa 100644
--- a/include/linux/device.h
+++ b/include/linux/device.h
@@ -128,8 +128,12 @@ ssize_t device_store_bool(struct device *dev, struct device_attribute *attr,
__ATTR_PREALLOC(_name, _mode, _show, _store)
#define DEVICE_ATTR_RW(_name) \
struct device_attribute dev_attr_##_name = __ATTR_RW(_name)
+#define DEVICE_ATTR_ADMIN_RW(_name) \
+ struct device_attribute dev_attr_##_name = __ATTR_RW_MODE(_name, 0600)
#define DEVICE_ATTR_RO(_name) \
struct device_attribute dev_attr_##_name = __ATTR_RO(_name)
+#define DEVICE_ATTR_ADMIN_RO(_name) \
+ struct device_attribute dev_attr_##_name = __ATTR_RO_MODE(_name, 0400)
#define DEVICE_ATTR_WO(_name) \
struct device_attribute dev_attr_##_name = __ATTR_WO(_name)
#define DEVICE_ULONG_ATTR(_name, _mode, _var) \
diff --git a/include/linux/sysfs.h b/include/linux/sysfs.h
index 86067dbe7745..34e84122f635 100644
--- a/include/linux/sysfs.h
+++ b/include/linux/sysfs.h
@@ -123,6 +123,13 @@ struct attribute_group {
.show = _name##_show, \
}
+#define __ATTR_RW_MODE(_name, _mode) { \
+ .attr = { .name = __stringify(_name), \
+ .mode = VERIFY_OCTAL_PERMISSIONS(_mode) }, \
+ .show = _name##_show, \
+ .store = _name##_store, \
+}
+
#define __ATTR_WO(_name) { \
.attr = { .name = __stringify(_name), .mode = 0200 }, \
.store = _name##_store, \
_______________________________________________
Linux-nvdimm mailing list -- linux-nvdimm@lists.01.org
To unsubscribe send an email to linux-nvdimm-leave@lists.01.org
next prev parent reply other threads:[~2020-07-07 2:15 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-07 1:58 [PATCH v2 00/12] ACPI/NVDIMM: Runtime Firmware Activation Dan Williams
2020-07-07 1:58 ` [PATCH v2 01/12] libnvdimm: Validate command family indices Dan Williams
2020-07-10 14:02 ` Sasha Levin
2020-07-07 1:58 ` [PATCH v2 02/12] ACPI: NFIT: Move bus_dsm_mask out of generic nvdimm_bus_descriptor Dan Williams
2020-07-07 1:58 ` [PATCH v2 03/12] ACPI: NFIT: Define runtime firmware activation commands Dan Williams
2020-07-07 1:58 ` [PATCH v2 04/12] tools/testing/nvdimm: Cleanup dimm index passing Dan Williams
2020-07-07 1:59 ` [PATCH v2 05/12] tools/testing/nvdimm: Add command debug messages Dan Williams
2020-07-07 1:59 ` [PATCH v2 06/12] tools/testing/nvdimm: Prepare nfit_ctl_test() for ND_CMD_CALL emulation Dan Williams
2020-07-07 1:59 ` [PATCH v2 07/12] tools/testing/nvdimm: Emulate firmware activation commands Dan Williams
2020-07-07 1:59 ` Dan Williams [this message]
2020-07-07 1:59 ` [PATCH v2 09/12] libnvdimm: Convert to DEVICE_ATTR_ADMIN_RO() Dan Williams
2020-07-07 1:59 ` [PATCH v2 10/12] libnvdimm: Add runtime firmware activation sysfs interface Dan Williams
2020-07-07 1:59 ` [PATCH v2 11/12] PM, libnvdimm: Add 'mem-quiet' state and callback for firmware activation Dan Williams
2020-07-07 16:56 ` Pavel Machek
2020-07-09 14:57 ` Rafael J. Wysocki
2020-07-09 19:04 ` Dan Williams
2020-07-13 14:03 ` Rafael J. Wysocki
2020-07-09 15:00 ` Christoph Hellwig
2020-07-09 15:38 ` Jason Gunthorpe
2020-07-09 15:43 ` Rafael J. Wysocki
2020-07-09 16:10 ` Dan Williams
2020-07-09 16:34 ` Jason Gunthorpe
2020-07-09 15:56 ` Dan Williams
2020-07-07 1:59 ` [PATCH v2 12/12] ACPI: NFIT: Add runtime firmware activate support Dan Williams
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=159408715653.2385045.10226724984566744787.stgit@dwillia2-desk3.amr.corp.intel.com \
--to=dan.j.williams@intel.com \
--cc=gregkh@linuxfoundation.org \
--cc=linux-acpi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nvdimm@lists.01.org \
--cc=rafael.j.wysocki@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).