linux-kernel.vger.kernel.org archive mirror
* [v2 0/2] test capability for remote task
@ 2017-01-12  8:52 Jike Song
  2017-01-12  8:52 ` [v2 1/2] capability: export has_capability Jike Song
  2017-01-12  8:52 ` [v2 2/2] vfio iommu type1: fix the testing of capability for remote task Jike Song
  0 siblings, 2 replies; 6+ messages in thread
From: Jike Song @ 2017-01-12  8:52 UTC (permalink / raw)
  To: alex.williamson, serge
  Cc: kwankhede, kraxel, linux-security-module, kvm, linux-kernel, Jike Song

Sometimes vfio iommu type1 needs to pin memory for a remote task other
than current, and therefore needs to test the CAP_IPC_LOCK capability for
that task.

The proper routine for this purpose is has_capability(), but it is
not yet exported for modules. None of the currently exported
capability-testing symbols allows a specified task. So in this series
has_capability() is exported and then used in the vfio iommu type1 driver.



v2: -> Add Serge's Acked-by to PATCH [1/2]
    -> Remove the change in vfio_pin_pages_remote, since it's now guaranteed the 'current' process


Hi Alex,

I kept EXPORT_SYMBOL rather than EXPORT_SYMBOL_GPL, since I'm still
worried about changing the type of existing exports in 'capability.c'.
I'm new to open source and afraid of violating the GPL :)


Jike Song (2):
  capability: export has_capability
  vfio iommu type1: fix the testing of capability for remote task

 drivers/vfio/vfio_iommu_type1.c | 3 +--
 kernel/capability.c             | 1 +
 2 files changed, 2 insertions(+), 2 deletions(-)

-- 
1.9.3


* [v2 1/2] capability: export has_capability
  2017-01-12  8:52 [v2 0/2] test capability for remote task Jike Song
@ 2017-01-12  8:52 ` Jike Song
  2017-01-12 22:22   ` James Morris
  2017-01-12  8:52 ` [v2 2/2] vfio iommu type1: fix the testing of capability for remote task Jike Song
  1 sibling, 1 reply; 6+ messages in thread
From: Jike Song @ 2017-01-12  8:52 UTC (permalink / raw)
  To: alex.williamson, serge
  Cc: kwankhede, kraxel, linux-security-module, kvm, linux-kernel, Jike Song

has_capability() is sometimes needed by modules to test capability
for specified task other than current, so export it.

Cc: Alex Williamson <alex.williamson@redhat.com>
Cc: Kirti Wankhede <kwankhede@nvidia.com>
Acked-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Jike Song <jike.song@intel.com>
---
 kernel/capability.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/kernel/capability.c b/kernel/capability.c
index a98e814..f97fe77 100644
--- a/kernel/capability.c
+++ b/kernel/capability.c
@@ -318,6 +318,7 @@ bool has_capability(struct task_struct *t, int cap)
 {
 	return has_ns_capability(t, &init_user_ns, cap);
 }
+EXPORT_SYMBOL(has_capability);
 
 /**
  * has_ns_capability_noaudit - Does a task have a capability (unaudited)
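
Review bot: The added `EXPORT_SYMBOL(has_capability);` line is a plain export rather than `EXPORT_SYMBOL_GPL`, and the commit message does not say why. The reasoning appears only in the cover letter, which does not end up in git history, so one sentence in the commit message on the choice of export type would help. It is also worth stating there that, as the function body just above the export shows, the check is always made against `init_user_ns`, so module callers do not mistake it for a namespace-aware test of the target task.
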
-- 
1.9.3


* [v2 2/2] vfio iommu type1: fix the testing of capability for remote task
  2017-01-12  8:52 [v2 0/2] test capability for remote task Jike Song
  2017-01-12  8:52 ` [v2 1/2] capability: export has_capability Jike Song
@ 2017-01-12  8:52 ` Jike Song
  2017-01-12 22:22   ` James Morris
  1 sibling, 1 reply; 6+ messages in thread
From: Jike Song @ 2017-01-12  8:52 UTC (permalink / raw)
  To: alex.williamson, serge
  Cc: kwankhede, kraxel, linux-security-module, kvm, linux-kernel, Jike Song

Before the mdev enhancement type1 iommu used capable() to test the
capability of current task; in the course of mdev development a
new requirement, testing for another task other than current, was
raised.  ns_capable() was used for this purpose, however it still
tests current, the only difference is, in a specified namespace.

Fix it by using has_capability() instead, which tests the cap for
specified task in init_user_ns, the same namespace as capable().

Cc: Alex Williamson <alex.williamson@redhat.com>
Cc: Kirti Wankhede <kwankhede@nvidia.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Jike Song <jike.song@intel.com>
---
 drivers/vfio/vfio_iommu_type1.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/drivers/vfio/vfio_iommu_type1.c b/drivers/vfio/vfio_iommu_type1.c
index 9266271..77373e5 100644
--- a/drivers/vfio/vfio_iommu_type1.c
+++ b/drivers/vfio/vfio_iommu_type1.c
@@ -495,8 +495,7 @@ static int vfio_pin_page_external(struct vfio_dma *dma, unsigned long vaddr,
 				  unsigned long *pfn_base, bool do_accounting)
 {
 	unsigned long limit;
-	bool lock_cap = ns_capable(task_active_pid_ns(dma->task)->user_ns,
-				   CAP_IPC_LOCK);
+	bool lock_cap = has_capability(dma->task, CAP_IPC_LOCK);
 	struct mm_struct *mm;
 	int ret;
 	bool rsvd;
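
Review bot: In the `lock_cap` initializer, the replacement changes two things at once: whose credentials are tested, and the namespace, which moves from `task_active_pid_ns(dma->task)->user_ns` to `init_user_ns`. A task that holds CAP_IPC_LOCK only relative to a non-initial user namespace therefore no longer gets `lock_cap` set. The commit message notes that this matches capable(); a short comment at the declaration saying so would keep a later reader from reintroducing a namespace-relative check. The line also relies on `dma->task` still being a valid task_struct when pages are pinned, so a comment naming where that reference is taken would make the call easier to audit.
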
-- 
1.9.3


* Re: [v2 1/2] capability: export has_capability
  2017-01-12  8:52 ` [v2 1/2] capability: export has_capability Jike Song
@ 2017-01-12 22:22   ` James Morris
  0 siblings, 0 replies; 6+ messages in thread
From: James Morris @ 2017-01-12 22:22 UTC (permalink / raw)
  To: Jike Song
  Cc: alex.williamson, serge, kwankhede, kraxel, linux-security-module,
	kvm, linux-kernel

On Thu, 12 Jan 2017, Jike Song wrote:

> has_capability() is sometimes needed by modules to test capability
> for specified task other than current, so export it.
> 
> Cc: Alex Williamson <alex.williamson@redhat.com>
> Cc: Kirti Wankhede <kwankhede@nvidia.com>
> Acked-by: Serge Hallyn <serge@hallyn.com>
> Signed-off-by: Jike Song <jike.song@intel.com>


Acked-by: James Morris <james.l.morris@oracle.com>

> ---
>  kernel/capability.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/kernel/capability.c b/kernel/capability.c
> index a98e814..f97fe77 100644
> --- a/kernel/capability.c
> +++ b/kernel/capability.c
> @@ -318,6 +318,7 @@ bool has_capability(struct task_struct *t, int cap)
>  {
>  	return has_ns_capability(t, &init_user_ns, cap);
>  }
> +EXPORT_SYMBOL(has_capability);
>  
>  /**
>   * has_ns_capability_noaudit - Does a task have a capability (unaudited)
> 

-- 
James Morris
<jmorris@namei.org>


* Re: [v2 2/2] vfio iommu type1: fix the testing of capability for remote task
  2017-01-12  8:52 ` [v2 2/2] vfio iommu type1: fix the testing of capability for remote task Jike Song
@ 2017-01-12 22:22   ` James Morris
  2017-01-13  6:52     ` Kirti Wankhede
  0 siblings, 1 reply; 6+ messages in thread
From: James Morris @ 2017-01-12 22:22 UTC (permalink / raw)
  To: Jike Song
  Cc: alex.williamson, serge, kwankhede, kraxel, linux-security-module,
	kvm, linux-kernel

On Thu, 12 Jan 2017, Jike Song wrote:

> Before the mdev enhancement type1 iommu used capable() to test the
> capability of current task; in the course of mdev development a
> new requirement, testing for another task other than current, was
> raised.  ns_capable() was used for this purpose, however it still
> tests current, the only difference is, in a specified namespace.
> 
> Fix it by using has_capability() instead, which tests the cap for
> specified task in init_user_ns, the same namespace as capable().
> 
> Cc: Alex Williamson <alex.williamson@redhat.com>
> Cc: Kirti Wankhede <kwankhede@nvidia.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Signed-off-by: Jike Song <jike.song@intel.com>


Reviewed-by: James Morris <james.l.morris@oracle.com>

> ---
>  drivers/vfio/vfio_iommu_type1.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
> 
> diff --git a/drivers/vfio/vfio_iommu_type1.c b/drivers/vfio/vfio_iommu_type1.c
> index 9266271..77373e5 100644
> --- a/drivers/vfio/vfio_iommu_type1.c
> +++ b/drivers/vfio/vfio_iommu_type1.c
> @@ -495,8 +495,7 @@ static int vfio_pin_page_external(struct vfio_dma *dma, unsigned long vaddr,
>  				  unsigned long *pfn_base, bool do_accounting)
>  {
>  	unsigned long limit;
> -	bool lock_cap = ns_capable(task_active_pid_ns(dma->task)->user_ns,
> -				   CAP_IPC_LOCK);
> +	bool lock_cap = has_capability(dma->task, CAP_IPC_LOCK);
>  	struct mm_struct *mm;
>  	int ret;
>  	bool rsvd;
> 

-- 
James Morris
<jmorris@namei.org>


* Re: [v2 2/2] vfio iommu type1: fix the testing of capability for remote task
  2017-01-12 22:22   ` James Morris
@ 2017-01-13  6:52     ` Kirti Wankhede
  0 siblings, 0 replies; 6+ messages in thread
From: Kirti Wankhede @ 2017-01-13  6:52 UTC (permalink / raw)
  To: James Morris, Jike Song
  Cc: alex.williamson, serge, kraxel, linux-security-module, kvm, linux-kernel

Looks good to me

Reviewed-by: Kirti Wankhede <kwankhede@nvidia.com>


On 1/13/2017 3:52 AM, James Morris wrote:
> On Thu, 12 Jan 2017, Jike Song wrote:
> 
>> Before the mdev enhancement type1 iommu used capable() to test the
>> capability of current task; in the course of mdev development a
>> new requirement, testing for another task other than current, was
>> raised.  ns_capable() was used for this purpose, however it still
>> tests current, the only difference is, in a specified namespace.
>>
>> Fix it by using has_capability() instead, which tests the cap for
>> specified task in init_user_ns, the same namespace as capable().
>>
>> Cc: Alex Williamson <alex.williamson@redhat.com>
>> Cc: Kirti Wankhede <kwankhede@nvidia.com>
>> Cc: Gerd Hoffmann <kraxel@redhat.com>
>> Signed-off-by: Jike Song <jike.song@intel.com>
> 
> 
> Reviewed-by: James Morris <james.l.morris@oracle.com>
> 
>> ---
>>  drivers/vfio/vfio_iommu_type1.c | 3 +--
>>  1 file changed, 1 insertion(+), 2 deletions(-)
>>
>> diff --git a/drivers/vfio/vfio_iommu_type1.c b/drivers/vfio/vfio_iommu_type1.c
>> index 9266271..77373e5 100644
>> --- a/drivers/vfio/vfio_iommu_type1.c
>> +++ b/drivers/vfio/vfio_iommu_type1.c
>> @@ -495,8 +495,7 @@ static int vfio_pin_page_external(struct vfio_dma *dma, unsigned long vaddr,
>>  				  unsigned long *pfn_base, bool do_accounting)
>>  {
>>  	unsigned long limit;
>> -	bool lock_cap = ns_capable(task_active_pid_ns(dma->task)->user_ns,
>> -				   CAP_IPC_LOCK);
>> +	bool lock_cap = has_capability(dma->task, CAP_IPC_LOCK);
>>  	struct mm_struct *mm;
>>  	int ret;
>>  	bool rsvd;
>>
> 
