On Fri, Jan 28, 2022 at 6:05 PM Petro Karashchenko < petro.karashche...@gmail.com> wrote:
> Hello, > > Yes, but how does this relate to "0000" mode for "register_driver()"? > "0000" means no read/write/execute permission, I can't imagine any real driver could benefit from it. > Maybe you can describe some use case so it will become more clear? > Currently ioctl works fine if driver is registered with "0000" permission > mode. > Yes, because no place checks the permission in ioctl code path, but it is the wrong implementation. Since different IOCTL does the different thing(e.g. query/change state or get version number), the correct implementation should check the permission case by case, for example: 1. FIOC_REFORMAT needs check write permission 2. FIONREAD needs check read permission Since NuttX doesn't encode the required permissions into ioctl code, the check has to be done by an individual ioctl handler. > Best regards, > Petro > > пт, 28 січ. 2022 р. о 11:39 Xiang Xiao <xiaoxiang781...@gmail.com> пише: > > > > If we want to do the correct permission check, the ioctl handler needs to > > check R/W bit by itself based on how the ioctl is implemented. > > Or follow up how Linux encode the needed permission into each IOCTL: > > > https://github.com/torvalds/linux/blob/master/include/uapi/asm-generic/ioctl.h#L85-L91 > > and let's VFS layer do the check for each driver. > > > > On Fri, Jan 28, 2022 at 5:14 PM Petro Karashchenko < > > petro.karashche...@gmail.com> wrote: > > > > > Hello team, > > > > > > Recently I have noticed that there are many places in code where > > > register_driver() is called with non-zero mode with file operation > > > structures that have neither read nor write APIs implemented. For > > > example "ret = register_driver(path, &opamp_fops, 0444, dev);" while > > > opamp_fops has only "opamp_open", "opamp_close" and "opamp_ioctl" > > > implemented. I made a PR to fix it > > > https://github.com/apache/incubator-nuttx/pull/5347 and change mode > > > from "0444" to "0000", but want to ask if anyone sees any drawback in > > > such an approach? Maybe I'm missing something? > > > > > > Best regards, > > > Petro > > > >
