Re: How to tell whether a struct file is held by a process?
From: Alan Cox
Date: Thu May 21 2009 - 18:13:59 EST
> Not sure, if we already discussed that with a conclusion: this
> "prevent access to a future device" interface needs to work at the pid
> level, or would a uid/gid check be sufficient?
As I said before neither pid or uid make any sense at all for a kernel
level check beyond what already exists at user space level (ie chown),
and what the usual user space gunk provides for device creation policy
(udev)
> Root can do all that stuff anyway, even with the locking in place.
> Uid/gid file permissions need to be applied to the "lock file", so
> specified non-root users can use that interface.
It's actually sometimes important that root can ignore the lock
files - eg to send a reset to a channel of a jammed device that is owned
by a user and wedged.
> Maybe it would be good enough, to check that the one that opened the
> "lock file" has the same uid/gid as the on that tries to open the
> device when it has shown up?
My feeling too - there simply isn't any need for kernel infrastructure
here. The only case the kernel must be involved is when you need
exclusivity including telling the kernel to leave things alone, and even
that usually only needs to be by specific handle and we normally borrow
O_EXCL for it as it has no "traditional" meaning on device nodes.
We do tty devices with lock files no reason it won't work for USB stuff
too.
Alan
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/