From: Daniel Mack
Add the logic to handle the following entities:
Domain:
A domain is an unamed object containing a number of buses. A
domain is automatically created when an instance of kdbusfs
is mounted, and destroyed when it is unmounted.
Every domain offers its own 'control' device
From: Daniel Mack
Add the logic to handle the following entities:
Domain:
A domain is an unamed object containing a number of buses. A
domain is automatically created when an instance of kdbusfs
is mounted, and destroyed when it is unmounted.
Every domain offers its own "control" device
On 21.11.2014 06:02, Greg Kroah-Hartman wrote:
> From: Daniel Mack
>
…
> +/**
> + * kdbus_bus_new() - create a kdbus_cmd_make from user-supplied data
> + * @domain: The domain to work on
> + * @make:Information as passed in by userspace
> + * @uid: The uid of the
On 21.11.2014 06:02, Greg Kroah-Hartman wrote:
> From: Daniel Mack
>
> Add the logic to handle the following entities:
>
> Domain:
> A domain is an unamed object containing a number of buses. A
> domain is automatically created when an instance of kdbusfs
> is mounted, and destroyed when i
From: Daniel Mack
Add the logic to handle the following entities:
Domain:
A domain is an unamed object containing a number of buses. A
domain is automatically created when an instance of kdbusfs
is mounted, and destroyed when it is unmounted.
Every domain offers its own "control" device
On Thu, Oct 30, 2014 at 06:46:48PM +, Simon McVittie wrote:
> On 30/10/14 18:08, Djalal Harouni wrote:
> > So, this is similar to AF_UNIX sockets. For them there's SCM_CREDENTIALS
> > and SO_PEERCRED. The former uses credentials at the time of when
> > messages are being sent, the latter uses t
Hi Al
On Fri, Oct 31, 2014 at 12:38 AM, Al Viro wrote:
> On Wed, Oct 29, 2014 at 03:00:52PM -0700, Greg Kroah-Hartman wrote:
>
>> +static void __kdbus_domain_user_free(struct kref *kref)
>> +{
>> + struct kdbus_domain_user *user =
>> + container_of(kref, struct kdbus_domain_user,
On Fri, Oct 31, 2014 at 11:00:01AM -0700, Linus Torvalds wrote:
> On Thu, Oct 30, 2014 at 4:38 PM, Al Viro wrote:
> >
> > If you remove an object from some search structures, taking the lock in
> > destructor is Too Fucking Late(tm). Somebody might have already found
> > that puppy and decided to
On Thu, Oct 30, 2014 at 4:38 PM, Al Viro wrote:
>
> If you remove an object from some search structures, taking the lock in
> destructor is Too Fucking Late(tm). Somebody might have already found
> that puppy and decided to pick it (all under that lock) just as we'd
> got to that point in destruc
Hi,
On 10/31/2014 02:39 AM, Al Viro wrote:
> On Wed, Oct 29, 2014 at 03:00:52PM -0700, Greg Kroah-Hartman wrote:
>> See Documentation/kdbus.txt for more details.
>
> ... which has nothing whatsoever on object lifetime rules.
True. That document only describes the external API exposed by the
driv
On Wed, Oct 29, 2014 at 03:00:52PM -0700, Greg Kroah-Hartman wrote:
> See Documentation/kdbus.txt for more details.
... which has nothing whatsoever on object lifetime rules. Could you
folks please document that somewhere? What pins what, what state
transitions are possible, etc.
BTW, the calli
On Wed, Oct 29, 2014 at 03:00:52PM -0700, Greg Kroah-Hartman wrote:
> +static void __kdbus_domain_user_free(struct kref *kref)
> +{
> + struct kdbus_domain_user *user =
> + container_of(kref, struct kdbus_domain_user, kref);
> +
> + BUG_ON(atomic_read(&user->buses) > 0);
> +
On Thu, Oct 30, 2014 at 2:47 PM, Alex Elsayed wrote:
> Andy Lutomirski wrote:
>
>> On Thu, Oct 30, 2014 at 11:08 AM, Djalal Harouni
>> wrote:
>>> Hi Andy,
>>>
>>> 2) To get the creds of the sender of the message during send time. This
>>> is specially relevent to authorize specific D-Bus method c
On Thu, Oct 30, 2014 at 11:08 AM, Djalal Harouni wrote:
> Hi Andy,
>
> On Thu, Oct 30, 2014 at 07:58:04AM -0700, Andy Lutomirski wrote:
>> On Thu, Oct 30, 2014 at 7:48 AM, Djalal Harouni wrote:
>> > On Thu, Oct 30, 2014 at 05:15:04AM -0700, Eric W. Biederman wrote:
>> >> Djalal Harouni writes:
>
On 30/10/14 18:08, Djalal Harouni wrote:
> So, this is similar to AF_UNIX sockets. For them there's SCM_CREDENTIALS
> and SO_PEERCRED. The former uses credentials at the time of when
> messages are being sent, the latter uses the credentials at the time
> when when the connection was initially esta
Hi Andy,
On Thu, Oct 30, 2014 at 07:58:04AM -0700, Andy Lutomirski wrote:
> On Thu, Oct 30, 2014 at 7:48 AM, Djalal Harouni wrote:
> > On Thu, Oct 30, 2014 at 05:15:04AM -0700, Eric W. Biederman wrote:
> >> Djalal Harouni writes:
> >> What others are doing makes it very hard to safely use allow
On Thu, Oct 30, 2014 at 7:48 AM, Djalal Harouni wrote:
> On Thu, Oct 30, 2014 at 05:15:04AM -0700, Eric W. Biederman wrote:
>> Djalal Harouni writes:
>> What others are doing makes it very hard to safely use allow those
>> ioctls in a tightly sandboxed application, as it is unpredictable
>> what
On Thu, Oct 30, 2014 at 05:15:04AM -0700, Eric W. Biederman wrote:
> Djalal Harouni writes:
>
> > On Wed, Oct 29, 2014 at 08:59:44PM -0700, Eric W. Biederman wrote:
> >> Greg Kroah-Hartman writes:
> >>
> >> The way capabilities are checked in this patch make me very nervous.
> >>
> >> We are n
Djalal Harouni writes:
> On Wed, Oct 29, 2014 at 08:59:44PM -0700, Eric W. Biederman wrote:
>> Greg Kroah-Hartman writes:
>>
>> The way capabilities are checked in this patch make me very nervous.
>>
>> We are not checking permissions at open time. Every other location
>> of calling capable o
On Wed, Oct 29, 2014 at 08:59:44PM -0700, Eric W. Biederman wrote:
> Greg Kroah-Hartman writes:
>
> The way capabilities are checked in this patch make me very nervous.
>
> We are not checking permissions at open time. Every other location
> of calling capable on file like objects has been show
Greg Kroah-Hartman writes:
The way capabilities are checked in this patch make me very nervous.
We are not checking permissions at open time. Every other location
of calling capable on file like objects has been show to be suceptible
to file descriptor pass attacks.
> See Documentation/kdbus.t
From: Daniel Mack
Add the logic to handle the following entities:
Domain:
A domain is a named object containing a number of buses. A
system container that contains its own init system and
users usually also runs in its own kdbus domain. The
/dev/kdbus/domain// directory shows up inside
22 matches
Mail list logo
