Re: [PATCH v2] nvmem: core: Set no-read-write provider to avoid userspace read/write

From: Gaurav Kohli
Date: Fri Mar 22 2019 - 14:12:50 EST

Next message: Roman Gushchin: "Re: [PATCH] writeback: sum memcg dirty counters as needed"
Previous message: Waiman Long: "Re: [PATCH 2/4] signal: Make flush_sigqueue() use free_q to release memory"
In reply to: Srinivas Kandagatla: "Re: [PATCH v2] nvmem: core: Set no-read-write provider to avoid userspace read/write"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Srinivas,

Thanks for the patch, Something like this only i have tested in the morning, instead of unused, i have put dev group inside config as well.

We will test the exact patch and update the same.

Regards

Gaurav

On 3/22/2019 8:32 PM, Srinivas Kandagatla wrote:

On 20/03/2019 17:50, Gaurav Kohli wrote:

Is root only option not helping you in this case?

Yes we want to protect at root level as well, i mean it is better if we can avoid exposing to userspace at all.
Can you try below patch!

We could go down the route of adding new config option something like CONFIG_NVMEM_NO_SYSFS_ENTRY to prevent adding nvmem entry in userspace.

Let me know if you are happy to create a patch for this change?

I am happy with either way config option or dt binding(seems easy), please let me know we will post new patch for the same.
DT way is totally NAK.

--------------------------->cut<-----------------------------------

From: Srinivas Kandagatla <srinivas.kandagatla@xxxxxxxxxx>
Date: Wed, 20 Mar 2019 16:15:21 +0000
Subject: [PATCH] nvmem: core: add support to NVMEM_NO_SYSFS_ENTRY

Some users might not want to expose nvmem entry to sysfs and
only intend to use kernel interface so add such provision.

Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla@xxxxxxxxxx>
---
ÂDocumentation/ABI/stable/sysfs-bus-nvmem |Â 2 ++
Âdrivers/nvmem/KconfigÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ |Â 5 +++++
Âdrivers/nvmem/core.cÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ | 11 ++++++-----
Â3 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/Documentation/ABI/stable/sysfs-bus-nvmem b/Documentation/ABI/stable/sysfs-bus-nvmem
index 5923ab4620c5..12aab0a85fea 100644
--- a/Documentation/ABI/stable/sysfs-bus-nvmem
+++ b/Documentation/ABI/stable/sysfs-bus-nvmem
@@ -6,6 +6,8 @@ Description:
ÂÂÂÂÂÂÂÂ This file allows user to read/write the raw NVMEM contents.
ÂÂÂÂÂÂÂÂ Permissions for write to this file depends on the nvmem
ÂÂÂÂÂÂÂÂ provider configuration.
+ÂÂÂÂÂÂÂ Note: This file is not present if CONFIG_NVMEM_NO_SYSFS_ENTRY
+ÂÂÂÂÂÂÂ is enabled

ÂÂÂÂÂÂÂÂ ex:
ÂÂÂÂÂÂÂÂ hexdump /sys/bus/nvmem/devices/qfprom0/nvmem
diff --git a/drivers/nvmem/Kconfig b/drivers/nvmem/Kconfig
index 0a7a470ee859..6ab3276d287c 100644
--- a/drivers/nvmem/Kconfig
+++ b/drivers/nvmem/Kconfig
@@ -192,4 +192,9 @@ config SC27XX_EFUSE
ÂÂÂÂÂÂ This driver can also be built as a module. If so, the module
ÂÂÂÂÂÂ will be called nvmem-sc27xx-efuse.

+config NVMEM_NO_SYSFS_ENTRY
+ÂÂÂ bool "No nvmem sysfs entry"
+
+ÂÂÂ help
+ÂÂÂÂÂÂÂ Say Yes if you do not want to add nvmem entry to sysfs.
Âendif
diff --git a/drivers/nvmem/core.c b/drivers/nvmem/core.c
index b9a0270883a0..c70f183fe379 100644
--- a/drivers/nvmem/core.c
+++ b/drivers/nvmem/core.c
@@ -216,7 +216,7 @@ static const struct attribute_group nvmem_bin_rw_group = {
ÂÂÂÂ .attrsÂÂÂÂÂÂÂ = nvmem_attrs,
Â};

-static const struct attribute_group *nvmem_rw_dev_groups[] = {
+static const __maybe_unused struct attribute_group *nvmem_rw_dev_groups[] = {
ÂÂÂÂ &nvmem_bin_rw_group,
ÂÂÂÂ NULL,
Â};
@@ -240,7 +240,7 @@ static const struct attribute_group nvmem_bin_ro_group = {
ÂÂÂÂ .attrsÂÂÂÂÂÂÂ = nvmem_attrs,
Â};

-static const struct attribute_group *nvmem_ro_dev_groups[] = {
+static const __maybe_unused struct attribute_group *nvmem_ro_dev_groups[] = {
ÂÂÂÂ &nvmem_bin_ro_group,
ÂÂÂÂ NULL,
Â};
@@ -265,7 +265,7 @@ static const struct attribute_group nvmem_bin_rw_root_group = {
ÂÂÂÂ .attrsÂÂÂÂÂÂÂ = nvmem_attrs,
Â};

-static const struct attribute_group *nvmem_rw_root_dev_groups[] = {
+static const __maybe_unused struct attribute_group *nvmem_rw_root_dev_groups[] = {
ÂÂÂÂ &nvmem_bin_rw_root_group,
ÂÂÂÂ NULL,
Â};
@@ -289,7 +289,7 @@ static const struct attribute_group nvmem_bin_ro_root_group = {
ÂÂÂÂ .attrsÂÂÂÂÂÂÂ = nvmem_attrs,
Â};

-static const struct attribute_group *nvmem_ro_root_dev_groups[] = {
+static const __maybe_unused struct attribute_group *nvmem_ro_root_dev_groups[] = {
ÂÂÂÂ &nvmem_bin_ro_root_group,
ÂÂÂÂ NULL,
Â};
@@ -688,6 +688,7 @@ struct nvmem_device *nvmem_register(const struct nvmem_config *config)
ÂÂÂÂ nvmem->read_only = device_property_present(config->dev, "read-only") |
ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ config->read_only;

+#if !defined(CONFIG_NVMEM_NO_SYSFS_ENTRY)
ÂÂÂÂ if (config->root_only)
ÂÂÂÂÂÂÂÂ nvmem->dev.groups = nvmem->read_only ?
ÂÂÂÂÂÂÂÂÂÂÂÂ nvmem_ro_root_dev_groups :
@@ -696,7 +697,7 @@ struct nvmem_device *nvmem_register(const struct nvmem_config *config)
ÂÂÂÂÂÂÂÂ nvmem->dev.groups = nvmem->read_only ?
ÂÂÂÂÂÂÂÂÂÂÂÂ nvmem_ro_dev_groups :
ÂÂÂÂÂÂÂÂÂÂÂÂ nvmem_rw_dev_groups;
-
+#endif
ÂÂÂÂ device_initialize(&nvmem->dev);

ÂÂÂÂ dev_dbg(&nvmem->dev, "Registering nvmem device %s\n", config->name);

--
Qualcomm India Private Limited, on behalf of Qualcomm Innovation Center,
Inc. is a member of the Code Aurora Forum,
a Linux Foundation Collaborative Project.

Next message: Roman Gushchin: "Re: [PATCH] writeback: sum memcg dirty counters as needed"
Previous message: Waiman Long: "Re: [PATCH 2/4] signal: Make flush_sigqueue() use free_q to release memory"
In reply to: Srinivas Kandagatla: "Re: [PATCH v2] nvmem: core: Set no-read-write provider to avoid userspace read/write"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]