[PATCH 06/20] sysfs: Introduce BIN_ATTR_ADMIN_RO and BIN_ATTR_ADMIN_RW

From: "Krzysztof Wilczyński" <kw@linux.com>
To: Bjorn Helgaas <bhelgaas@google.com>
Cc: "Pali Rohár" <pali@kernel.org>,
	"Oliver O'Halloran" <oohall@gmail.com>,
	"Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
	"Daniel Vetter" <daniel.vetter@ffwll.ch>,
	"Joe Perches" <joe@perches.com>,
	"Dan Williams" <dan.j.williams@intel.com>,
	"Mauro Carvalho Chehab" <mchehab+huawei@kernel.org>,
	"David Sterba" <dsterba@suse.com>,
	linux-pci@vger.kernel.org
Subject: [PATCH 06/20] sysfs: Introduce BIN_ATTR_ADMIN_RO and BIN_ATTR_ADMIN_RW
Date: Fri, 16 Apr 2021 20:58:42 +0000	[thread overview]
Message-ID: <20210416205856.3234481-7-kw@linux.com> (raw)
In-Reply-To: <20210416205856.3234481-1-kw@linux.com>

A very common use case is to limit read and/or write access to certain
sysfs objects to only root with the expectation that the CAP_SYS_ADMIN
capability is needed to access sensitive data exposed through such sysfs
objects.

The existing macros such as BIN_ATTR_RO and BIN_ATTR_RW are sadly
inadequate given the specific need to limit access only to the root
user, as they offer permissions that are too open e.g., 0444 and 0644,
thus a lot of users of binary attributes with this specific use case,
for example, the PCI "config", "rom" and "vps" sysfs objects, would opt
to use the BIN_ATTR macro directly specifying 0400 or 0600 as needed.

Add a new set of macros with an explicit "ADMIN" identifier catering to
this specific use case that also follows the semantic of other existing
macros such as e.g., BIN_ATTR_RO, BIN_ATTR_RW, BIN_ATTR_WO, etc.

No functional change intended.

Related:
  commit 60d360acddc5 ("driver-core: Introduce DEVICE_ATTR_ADMIN_{RO,RW}")

Signed-off-by: Krzysztof Wilczyński <kw@linux.com>
---
 include/linux/sysfs.h | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/include/linux/sysfs.h b/include/linux/sysfs.h
index d76a1ddf83a3..9f423dfa8494 100644
--- a/include/linux/sysfs.h
+++ b/include/linux/sysfs.h
@@ -205,6 +205,13 @@ struct bin_attribute {
 	.size	= _size,						\
 }
 
+#define __BIN_ATTR_RO_MODE(_name, _mode, _size) {			\
+	.attr	= { .name = __stringify(_name),				\
+		    .mode = VERIFY_OCTAL_PERMISSIONS(_mode) },		\
+	.read	= _name##_read,						\
+	.size	= _size,						\
+}
+
 #define __BIN_ATTR_WO(_name, _size) {					\
 	.attr	= { .name = __stringify(_name), .mode = 0200 },		\
 	.write	= _name##_write,					\
@@ -214,6 +221,14 @@ struct bin_attribute {
 #define __BIN_ATTR_RW(_name, _size)					\
 	__BIN_ATTR(_name, 0644, _name##_read, _name##_write, _size)
 
+#define __BIN_ATTR_RW_MODE(_name, _mode, _size) {			\
+	.attr	= { .name = __stringify(_name),				\
+		    .mode = VERIFY_OCTAL_PERMISSIONS(_mode) },		\
+	.read	= _name##_read,						\
+	.write	= _name##_write,					\
+	.size	= _size,						\
+}
+
 #define __BIN_ATTR_NULL __ATTR_NULL
 
 #define BIN_ATTR(_name, _mode, _read, _write, _size)			\
@@ -223,12 +238,20 @@ struct bin_attribute bin_attr_##_name = __BIN_ATTR(_name, _mode, _read,	\
 #define BIN_ATTR_RO(_name, _size)					\
 struct bin_attribute bin_attr_##_name = __BIN_ATTR_RO(_name, _size)
 
+#define BIN_ATTR_ADMIN_RO(_name, _size)					\
+struct bin_attribute bin_attr_##_name = __BIN_ATTR_RO_MODE(_name, 0400,	\
+					_size)
+
 #define BIN_ATTR_WO(_name, _size)					\
 struct bin_attribute bin_attr_##_name = __BIN_ATTR_WO(_name, _size)
 
 #define BIN_ATTR_RW(_name, _size)					\
 struct bin_attribute bin_attr_##_name = __BIN_ATTR_RW(_name, _size)
 
+#define BIN_ATTR_ADMIN_RW(_name, _size)					\
+struct bin_attribute bin_attr_##_name = __BIN_ATTR_RW_MODE(_name, 0600,	\
+					_size)
+
 struct sysfs_ops {
 	ssize_t	(*show)(struct kobject *, struct attribute *, char *);
 	ssize_t	(*store)(struct kobject *, struct attribute *, const char *, size_t);
-- 
2.31.0

