[PATCH v2] genirq: procfs: Make smp_affinity read-only for interrupts that userspace can't set

From: Jeff Xie
Date: Sun Aug 25 2024 - 09:20:05 EST

Next message: Hans de Goede: "[PATCH] mfd: intel_soc_pmic_chtwc: Make Lenovo Yoga Tab 3 X90F DMI match less strict"
Previous message: Hans de Goede: "Re: [PATCH] Input: matrix-keymap - switch to using __free() cleanup facility"
Next in thread: Thomas Gleixner: "Re: [PATCH v2] genirq: procfs: Make smp_affinity read-only for interrupts that userspace can't set"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The kernel already knows at the time of interrupt allocation that the
affinity cannot be controlled by userspace and therefore creating the
file with write permissions is wrong.

Therefore set the file permissions to read-only for such interrupts.

Signed-off-by: Jeff Xie <jeff.xie@xxxxxxxxx>
---
v2:
- Updated the description suggested by tglx
- Corrected the return value from -EIO to -EPERM when the userspace can't set the affinity

kernel/irq/proc.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/kernel/irq/proc.c b/kernel/irq/proc.c
index 8cccdf40725a..7b3a4c92d148 100644
--- a/kernel/irq/proc.c
+++ b/kernel/irq/proc.c
@@ -142,7 +142,7 @@ static ssize_t write_irq_affinity(int type, struct file *file,
int err;

if (!irq_can_set_affinity_usr(irq) || no_irq_affinity)
- return -EIO;
+ return -EPERM;

if (!zalloc_cpumask_var(&new_value, GFP_KERNEL))
return -ENOMEM;
@@ -340,6 +340,7 @@ void register_irq_proc(unsigned int irq, struct irq_desc *desc)
static DEFINE_MUTEX(register_lock);
void __maybe_unused *irqp = (void *)(unsigned long) irq;
char name [MAX_NAMELEN];
+ umode_t umode = S_IRUGO;

if (!root_irq_dir || (desc->irq_data.chip == &no_irq_chip))
return;
@@ -362,8 +363,11 @@ void register_irq_proc(unsigned int irq, struct irq_desc *desc)
goto out_unlock;

#ifdef CONFIG_SMP
+ if (irq_can_set_affinity_usr(desc->irq_data.irq))
+ umode |= S_IWUSR;
+
/* create /proc/irq/<irq>/smp_affinity */
- proc_create_data("smp_affinity", 0644, desc->dir,
+ proc_create_data("smp_affinity", umode, desc->dir,
&irq_affinity_proc_ops, irqp);

/* create /proc/irq/<irq>/affinity_hint */
@@ -371,7 +375,7 @@ void register_irq_proc(unsigned int irq, struct irq_desc *desc)
irq_affinity_hint_proc_show, irqp);

/* create /proc/irq/<irq>/smp_affinity_list */
- proc_create_data("smp_affinity_list", 0644, desc->dir,
+ proc_create_data("smp_affinity_list", umode, desc->dir,
&irq_affinity_list_proc_ops, irqp);

proc_create_single_data("node", 0444, desc->dir, irq_node_proc_show,
--
2.34.1

Next message: Hans de Goede: "[PATCH] mfd: intel_soc_pmic_chtwc: Make Lenovo Yoga Tab 3 X90F DMI match less strict"
Previous message: Hans de Goede: "Re: [PATCH] Input: matrix-keymap - switch to using __free() cleanup facility"
Next in thread: Thomas Gleixner: "Re: [PATCH v2] genirq: procfs: Make smp_affinity read-only for interrupts that userspace can't set"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]