LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Security modules and ioctl()

Security modules and ioctl()

Posted Feb 17, 2011 13:31 UTC (Thu) by nix (subscriber, #2304)
In reply to: Security modules and ioctl() by michaeljt
Parent article: Security modules and ioctl()

Well, one possible fix is to rip the ioctl() and unlocked_ioctl() operations out of file_operations completely, turning them into a mandatory lookup into a (per-driver? per-filesystem?) map from ioctl request to (read_required, write_required, function to call to implement this operation).

Upside: makes it impossible to define a new ioctl() request without specifying whether it is a read or write op. Downside: this is... unlikely to be a nondisruptive change, and it's only really for the benefit of LSMs (since the read/write permission bits on devices supporting ioctl() are not used to validate this sort of thing, though they should be, but that would probably break too much of userspace). Which is probably why nobody's done it already.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds