[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20200717085517.56jis3aw53wssf5a@steredhat.lan>
Date: Fri, 17 Jul 2020 10:55:17 +0200
From: Stefano Garzarella <sgarzare@...hat.com>
To: Jens Axboe <axboe@...nel.dk>
Cc: Alexander Viro <viro@...iv.linux.org.uk>,
Kernel Hardening <kernel-hardening@...ts.openwall.com>,
Kees Cook <keescook@...omium.org>, Aleksa Sarai <asarai@...e.de>,
Stefan Hajnoczi <stefanha@...hat.com>,
Christian Brauner <christian.brauner@...ntu.com>,
Sargun Dhillon <sargun@...gun.me>, Jann Horn <jannh@...gle.com>,
io-uring@...r.kernel.org, linux-fsdevel@...r.kernel.org,
Jeff Moyer <jmoyer@...hat.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH RFC v2 2/3] io_uring: add IOURING_REGISTER_RESTRICTIONS
opcode
On Thu, Jul 16, 2020 at 03:26:51PM -0600, Jens Axboe wrote:
> On 7/16/20 6:48 AM, Stefano Garzarella wrote:
> > diff --git a/include/uapi/linux/io_uring.h b/include/uapi/linux/io_uring.h
> > index efc50bd0af34..0774d5382c65 100644
> > --- a/include/uapi/linux/io_uring.h
> > +++ b/include/uapi/linux/io_uring.h
> > @@ -265,6 +265,7 @@ enum {
> > IORING_REGISTER_PROBE,
> > IORING_REGISTER_PERSONALITY,
> > IORING_UNREGISTER_PERSONALITY,
> > + IORING_REGISTER_RESTRICTIONS,
> >
> > /* this goes last */
> > IORING_REGISTER_LAST
> > @@ -293,4 +294,30 @@ struct io_uring_probe {
> > struct io_uring_probe_op ops[0];
> > };
> >
> > +struct io_uring_restriction {
> > + __u16 opcode;
> > + union {
> > + __u8 register_op; /* IORING_RESTRICTION_REGISTER_OP */
> > + __u8 sqe_op; /* IORING_RESTRICTION_SQE_OP */
> > + };
> > + __u8 resv;
> > + __u32 resv2[3];
> > +};
> > +
> > +/*
> > + * io_uring_restriction->opcode values
> > + */
> > +enum {
> > + /* Allow an io_uring_register(2) opcode */
> > + IORING_RESTRICTION_REGISTER_OP,
> > +
> > + /* Allow an sqe opcode */
> > + IORING_RESTRICTION_SQE_OP,
> > +
> > + /* Only allow fixed files */
> > + IORING_RESTRICTION_FIXED_FILES_ONLY,
> > +
> > + IORING_RESTRICTION_LAST
> > +};
> > +
>
> Not sure I totally love this API. Maybe it'd be cleaner to have separate
> ops for this, instead of muxing it like this. One for registering op
> code restrictions, and one for disallowing other parts (like fixed
> files, etc).
>
> I think that would look a lot cleaner than the above.
>
I'm not sure I got your point.
Do you mean two different register ops?
For example, maybe with better names... ;-):
IORING_REGISTER_RESTRICTIONS_OPS
IORING_REGISTER_RESTRICTIONS_OTHERS
Or a single register op like now, and a new restriction opcode adding
also a new field in the struct io_uring_restriction?
For example:
struct io_uring_restriction {
__u16 opcode;
union {
__u8 register_op; /* IORING_RESTRICTION_REGISTER_OP */
__u8 sqe_op; /* IORING_RESTRICTION_SQE_OP */
__u8 restriction; /* IORING_RESTRICTION_OP */
};
__u8 resv;
__u32 resv2[3];
};
/*
* io_uring_restriction->opcode values
*/
enum {
/* Allow an io_uring_register(2) opcode */
IORING_RESTRICTION_REGISTER_OP,
/* Allow an sqe opcode */
IORING_RESTRICTION_SQE_OP,
IORING_RESTRICTION_OP,
IORING_RESTRICTION_LAST
};
enum {
/* Only allow fixed files */
IORING_RESTRICTION_OP_FIXED_FILES_ONLY,
};
Thanks,
Stefano
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
