On Thu, Jun 27, 2019 at 04:51:20PM +0000, Song Liu wrote:
>
>
> > On Jun 27, 2019, at 9:37 AM, Greg KH <gre...@linuxfoundation.org> wrote:
> >
> > On Thu, Jun 27, 2019 at 01:00:03AM +0000, Song Liu wrote:
> >>
> >>
> >>> On Jun 26, 2019, at 5:08 PM, Greg KH <gre...@linuxfoundation.org> wrote:
> >>>
> >>> On Wed, Jun 26, 2019 at 03:17:47PM +0000, Song Liu wrote:
> >>>>>> +static struct miscdevice bpf_dev = {
> >>>>>> + .minor = MISC_DYNAMIC_MINOR,
> >>>>>> + .name = "bpf",
> >>>>>> + .fops = &bpf_chardev_ops,
> >>>>>> + .mode = 0440,
> >>>>>> + .nodename = "bpf",
> >>>>>
> >>>>> Here's what kvm does:
> >>>>>
> >>>>> static struct miscdevice kvm_dev = {
> >>>>> KVM_MINOR,
> >>>>> "kvm",
> >>>>> &kvm_chardev_ops,
> >>>>> };
> >>>
> >>> Ick, I thought we converted all of these to named initializers a long
> >>> time ago :)
> >>>
> >>>>> Is there an actual reason that mode is not 0 by default in bpf case? Why
> >>>>> we need to define nodename?
> >>>>
> >>>> Based on my understanding, mode of 0440 is what we want. If we leave it
> >>>> as 0, it will use default value of 0600. I guess we can just set it to
> >>>> 0440, as user space can change it later anyway.
> >>>
> >>> Don't rely on userspace changing it, set it to what you want the
> >>> permissions to be in the kernel here, otherwise you have to create a new
> >>> udev rule and get it merged into all of the distros. Just do it right
> >>> the first time and there is no need for it.
> >>>
> >>> What is wrong with 0600 for this? Why 0440?
> >>
> >> We would like root to own the device, and let users in a certain group
> >> to be able to open it. So 0440 is what we need.
> >
> > But you are doing a "write" ioctl here, right? So don't you really need
>
> By "write", you meant that we are modifying a bit in task_struct, right?
> In that sense, we probably need 0220?
You need some sort of write permission to modify something in the kernel :)
> > And why again is this an ioctl instead of a syscall? What is so magic
> > about the file descriptor here?
>
> We want to control the permission of this operation via this device.
> Users that can open the device would be able to run the ioctl. I think
> syscall cannot achieve control like this, unless we introduce something
> like CAP_BPF_ADMIN?
Ah, yeah, ick, no, don't go there...
And you can more easily "control" access to this device node from
containers as well. Ok, that makes sense to me.
thanks,
greg k-h
