Re: [PATCH 2/2] gpiolib: cdev: export the consumer's PID

From: Bartosz Golaszewski
Date: Fri Sep 09 2022 - 15:18:48 EST

Next message: Serge Semin: "[PATCH 1/2] nvme-hwmon: Cache-line-align the NVME SMART log-buffer"
Previous message: pr-tracker-bot: "Re: [GIT PULL] Please pull RDMA subsystem changes"
In reply to: Andy Shevchenko: "Re: [PATCH 2/2] gpiolib: cdev: export the consumer's PID"
Next in thread: Kent Gibson: "Re: [PATCH 2/2] gpiolib: cdev: export the consumer's PID"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Sep 9, 2022 at 3:48 PM Andy Shevchenko
<andriy.shevchenko@xxxxxxxxxxxxxxx> wrote:
>
> +Cc: Kees
>
> On Fri, Sep 09, 2022 at 02:13:29PM +0200, Bartosz Golaszewski wrote:
> > It's useful for user-space to be able to know the PIDs of processes
> > holding GPIO lines in case they have the permissions and need to kill
> > them.
> >
> > Extend the gpio_v2_line_info structure with the consumer_pid field
> > that's set to the PID of the user-space process or 0 if the user lives
> > in the kernel.
>
> I'm wondering if there is any security implications and this PID
> can be abused.
>

I was wondering about that too but nothing came to my mind. By default
any user - even one who doesn't have permissions to access
/dev/gpiochip* - can already figure out by browsing /proc/$PID/fd that
a process does have some lines requested - but not which exactly. This
provides that additional bit of knowledge to users who already do have
permissions to call ioctl() on /dev/gpiochip*.

Bart

Next message: Serge Semin: "[PATCH 1/2] nvme-hwmon: Cache-line-align the NVME SMART log-buffer"
Previous message: pr-tracker-bot: "Re: [GIT PULL] Please pull RDMA subsystem changes"
In reply to: Andy Shevchenko: "Re: [PATCH 2/2] gpiolib: cdev: export the consumer's PID"
Next in thread: Kent Gibson: "Re: [PATCH 2/2] gpiolib: cdev: export the consumer's PID"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]