From: Dan Williams <dan.j.williams@intel.com>
To: linux-nvdimm@lists.01.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
"Rafael J. Wysocki" <rafael.j.wysocki@intel.com>,
vishal.l.verma@intel.com, linux-acpi@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: [PATCH v3 08/11] driver-core: Introduce DEVICE_ATTR_ADMIN_{RO,RW}
Date: Mon, 20 Jul 2020 15:08:07 -0700 [thread overview]
Message-ID: <159528288766.993790.5647904882591265970.stgit@dwillia2-desk3.amr.corp.intel.com> (raw)
In-Reply-To: <159528284411.993790.11733759435137949717.stgit@dwillia2-desk3.amr.corp.intel.com>
A common pattern for using plain DEVICE_ATTR() instead of
DEVICE_ATTR_RO() and DEVICE_ATTR_RW() is for attributes that want to
limit read to only root. I.e. many users of DEVICE_ATTR() are
specifying 0400 or 0600 for permissions.
Given the expectation that CAP_SYS_ADMIN is needed to access these
sensitive attributes add an explicit helper with the _ADMIN_ identifier
for DEVICE_ATTR_ADMIN_{RO,RW}.
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: "Rafael J. Wysocki" <rafael.j.wysocki@intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
---
include/linux/device.h | 4 ++++
include/linux/sysfs.h | 7 +++++++
2 files changed, 11 insertions(+)
diff --git a/include/linux/device.h b/include/linux/device.h
index 15460a5ac024..d7c2570368fa 100644
--- a/include/linux/device.h
+++ b/include/linux/device.h
@@ -128,8 +128,12 @@ ssize_t device_store_bool(struct device *dev, struct device_attribute *attr,
__ATTR_PREALLOC(_name, _mode, _show, _store)
#define DEVICE_ATTR_RW(_name) \
struct device_attribute dev_attr_##_name = __ATTR_RW(_name)
+#define DEVICE_ATTR_ADMIN_RW(_name) \
+ struct device_attribute dev_attr_##_name = __ATTR_RW_MODE(_name, 0600)
#define DEVICE_ATTR_RO(_name) \
struct device_attribute dev_attr_##_name = __ATTR_RO(_name)
+#define DEVICE_ATTR_ADMIN_RO(_name) \
+ struct device_attribute dev_attr_##_name = __ATTR_RO_MODE(_name, 0400)
#define DEVICE_ATTR_WO(_name) \
struct device_attribute dev_attr_##_name = __ATTR_WO(_name)
#define DEVICE_ULONG_ATTR(_name, _mode, _var) \
diff --git a/include/linux/sysfs.h b/include/linux/sysfs.h
index 86067dbe7745..34e84122f635 100644
--- a/include/linux/sysfs.h
+++ b/include/linux/sysfs.h
@@ -123,6 +123,13 @@ struct attribute_group {
.show = _name##_show, \
}
+#define __ATTR_RW_MODE(_name, _mode) { \
+ .attr = { .name = __stringify(_name), \
+ .mode = VERIFY_OCTAL_PERMISSIONS(_mode) }, \
+ .show = _name##_show, \
+ .store = _name##_store, \
+}
+
#define __ATTR_WO(_name) { \
.attr = { .name = __stringify(_name), .mode = 0200 }, \
.store = _name##_store, \
next prev parent reply other threads:[~2020-07-20 22:24 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-20 22:07 [PATCH v3 00/11] ACPI/NVDIMM: Runtime Firmware Activation Dan Williams
2020-07-20 22:07 ` [PATCH v3 01/11] libnvdimm: Validate command family indices Dan Williams
2020-07-20 22:07 ` [PATCH v3 02/11] ACPI: NFIT: Move bus_dsm_mask out of generic nvdimm_bus_descriptor Dan Williams
2020-07-20 22:07 ` [PATCH v3 03/11] ACPI: NFIT: Define runtime firmware activation commands Dan Williams
2020-07-20 22:07 ` [PATCH v3 04/11] tools/testing/nvdimm: Cleanup dimm index passing Dan Williams
2020-07-20 22:07 ` [PATCH v3 05/11] tools/testing/nvdimm: Add command debug messages Dan Williams
2020-07-20 22:07 ` [PATCH v3 06/11] tools/testing/nvdimm: Prepare nfit_ctl_test() for ND_CMD_CALL emulation Dan Williams
2020-07-20 22:08 ` [PATCH v3 07/11] tools/testing/nvdimm: Emulate firmware activation commands Dan Williams
2020-07-20 22:08 ` Dan Williams [this message]
2020-07-21 10:44 ` [PATCH v3 08/11] driver-core: Introduce DEVICE_ATTR_ADMIN_{RO,RW} Greg Kroah-Hartman
2020-07-20 22:08 ` [PATCH v3 09/11] libnvdimm: Convert to DEVICE_ATTR_ADMIN_RO() Dan Williams
2020-07-20 22:08 ` [PATCH v3 10/11] PM, libnvdimm: Add runtime firmware activation support Dan Williams
2020-07-21 0:02 ` Randy Dunlap
2020-07-21 0:14 ` Vishal Verma
2020-07-21 0:58 ` Dan Williams
2020-07-21 0:58 ` Dan Williams
2020-07-22 1:27 ` kernel test robot
2020-07-27 12:37 ` Rafael J. Wysocki
2020-07-29 1:35 ` Vishal Verma
2020-07-29 12:21 ` Rafael J. Wysocki
2020-07-20 22:08 ` [PATCH v3 11/11] ACPI: NFIT: Add runtime firmware activate support Dan Williams
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=159528288766.993790.5647904882591265970.stgit@dwillia2-desk3.amr.corp.intel.com \
--to=dan.j.williams@intel.com \
--cc=gregkh@linuxfoundation.org \
--cc=linux-acpi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nvdimm@lists.01.org \
--cc=rafael.j.wysocki@intel.com \
--cc=vishal.l.verma@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).