Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

2017-10-18 22:07 GMT+02:00 Laura Abbott : > On 09/27/2017 06:20 AM, Benjamin Gaignard wrote: >> diff --git a/drivers/staging/android/ion/ion.c >> b/drivers/staging/android/ion/ion.c >> index 93e2c90..092b24c 100644 >> --- a/drivers/staging/android/ion/ion.c >> +++

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

2017-10-18 22:07 GMT+02:00 Laura Abbott : > On 09/27/2017 06:20 AM, Benjamin Gaignard wrote: >> diff --git a/drivers/staging/android/ion/ion.c >> b/drivers/staging/android/ion/ion.c >> index 93e2c90..092b24c 100644 >> --- a/drivers/staging/android/ion/ion.c >> +++

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On 09/27/2017 06:20 AM, Benjamin Gaignard wrote: > diff --git a/drivers/staging/android/ion/ion.c > b/drivers/staging/android/ion/ion.c > index 93e2c90..092b24c 100644 > --- a/drivers/staging/android/ion/ion.c > +++ b/drivers/staging/android/ion/ion.c > @@ -40,6 +40,8 @@ > > #include "ion.h" >

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On 09/27/2017 06:20 AM, Benjamin Gaignard wrote: > diff --git a/drivers/staging/android/ion/ion.c > b/drivers/staging/android/ion/ion.c > index 93e2c90..092b24c 100644 > --- a/drivers/staging/android/ion/ion.c > +++ b/drivers/staging/android/ion/ion.c > @@ -40,6 +40,8 @@ > > #include "ion.h" >

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

2017-10-17 0:09 GMT+02:00 Laura Abbott : > On 10/10/2017 02:11 AM, Mark Brown wrote: >> On Mon, Oct 09, 2017 at 05:10:37PM -0700, Laura Abbott wrote: >>> On 10/09/2017 03:08 PM, Mark Brown wrote: On Mon, Oct 09, 2017 at 02:25:47PM -0700, Laura Abbott wrote: >> >

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

2017-10-17 0:09 GMT+02:00 Laura Abbott : > On 10/10/2017 02:11 AM, Mark Brown wrote: >> On Mon, Oct 09, 2017 at 05:10:37PM -0700, Laura Abbott wrote: >>> On 10/09/2017 03:08 PM, Mark Brown wrote: On Mon, Oct 09, 2017 at 02:25:47PM -0700, Laura Abbott wrote: >> > Anyway, to move this

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On 10/10/2017 02:11 AM, Mark Brown wrote: > On Mon, Oct 09, 2017 at 05:10:37PM -0700, Laura Abbott wrote: >> On 10/09/2017 03:08 PM, Mark Brown wrote: >>> On Mon, Oct 09, 2017 at 02:25:47PM -0700, Laura Abbott wrote: > Anyway, to move this forward I think we need to see a proof of concept

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On 10/10/2017 02:11 AM, Mark Brown wrote: > On Mon, Oct 09, 2017 at 05:10:37PM -0700, Laura Abbott wrote: >> On 10/09/2017 03:08 PM, Mark Brown wrote: >>> On Mon, Oct 09, 2017 at 02:25:47PM -0700, Laura Abbott wrote: > Anyway, to move this forward I think we need to see a proof of concept

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On Mon, Oct 09, 2017 at 05:10:37PM -0700, Laura Abbott wrote: > On 10/09/2017 03:08 PM, Mark Brown wrote: > > On Mon, Oct 09, 2017 at 02:25:47PM -0700, Laura Abbott wrote: > >> Anyway, to move this forward I think we need to see a proof of concept > >> of using selinux to protect access to

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On Mon, Oct 09, 2017 at 05:10:37PM -0700, Laura Abbott wrote: > On 10/09/2017 03:08 PM, Mark Brown wrote: > > On Mon, Oct 09, 2017 at 02:25:47PM -0700, Laura Abbott wrote: > >> Anyway, to move this forward I think we need to see a proof of concept > >> of using selinux to protect access to

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On 10/09/2017 03:08 PM, Mark Brown wrote: > On Mon, Oct 09, 2017 at 02:25:47PM -0700, Laura Abbott wrote: > >> Anyway, to move this forward I think we need to see a proof of concept >> of using selinux to protect access to specific heaps. > > Aren't Unix permissions enough with separate files or

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On 10/09/2017 03:08 PM, Mark Brown wrote: > On Mon, Oct 09, 2017 at 02:25:47PM -0700, Laura Abbott wrote: > >> Anyway, to move this forward I think we need to see a proof of concept >> of using selinux to protect access to specific heaps. > > Aren't Unix permissions enough with separate files or

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On Mon, Oct 09, 2017 at 02:25:47PM -0700, Laura Abbott wrote: > Anyway, to move this forward I think we need to see a proof of concept > of using selinux to protect access to specific heaps. Aren't Unix permissions enough with separate files or am I misunderstanding what you're looking to see a

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On Mon, Oct 09, 2017 at 02:25:47PM -0700, Laura Abbott wrote: > Anyway, to move this forward I think we need to see a proof of concept > of using selinux to protect access to specific heaps. Aren't Unix permissions enough with separate files or am I misunderstanding what you're looking to see a

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On 10/05/2017 06:06 AM, Benjamin Gaignard wrote: > 2017-10-04 12:17 GMT+02:00 Mark Brown : >> On Tue, Oct 03, 2017 at 04:08:30PM -0700, Sandeep Patil wrote: >> >>> It is entirely possible and easy in android/ueventd to create those nodes >>> under "/dev/ion/". (assuming the

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On 10/05/2017 06:06 AM, Benjamin Gaignard wrote: > 2017-10-04 12:17 GMT+02:00 Mark Brown : >> On Tue, Oct 03, 2017 at 04:08:30PM -0700, Sandeep Patil wrote: >> >>> It is entirely possible and easy in android/ueventd to create those nodes >>> under "/dev/ion/". (assuming the heap 'subsystem' for

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

2017-10-04 12:17 GMT+02:00 Mark Brown : > On Tue, Oct 03, 2017 at 04:08:30PM -0700, Sandeep Patil wrote: > >> It is entirely possible and easy in android/ueventd to create those nodes >> under "/dev/ion/". (assuming the heap 'subsystem' for these new devices will >> point to

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

2017-10-04 12:17 GMT+02:00 Mark Brown : > On Tue, Oct 03, 2017 at 04:08:30PM -0700, Sandeep Patil wrote: > >> It is entirely possible and easy in android/ueventd to create those nodes >> under "/dev/ion/". (assuming the heap 'subsystem' for these new devices will >> point to 'ion'). I think it

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On Tue, Oct 03, 2017 at 04:08:30PM -0700, Sandeep Patil wrote: > It is entirely possible and easy in android/ueventd to create those nodes > under "/dev/ion/". (assuming the heap 'subsystem' for these new devices will > point to 'ion'). The reason I didn't say /dev/ion/foo initially is that if

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On Tue, Oct 03, 2017 at 04:08:30PM -0700, Sandeep Patil wrote: > It is entirely possible and easy in android/ueventd to create those nodes > under "/dev/ion/". (assuming the heap 'subsystem' for these new devices will > point to 'ion'). The reason I didn't say /dev/ion/foo initially is that if

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On 10/03/2017 04:08 PM, Sandeep Patil wrote: > On Tue, Oct 03, 2017 at 02:42:32PM -0700, Laura Abbott wrote: >> On 10/03/2017 09:48 AM, Mark Brown wrote: >>> On Mon, Oct 02, 2017 at 11:07:48AM -0700, Laura Abbott wrote: >>> Thinking about this a bit more, I'm not 100% sure if this will

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On 10/03/2017 04:08 PM, Sandeep Patil wrote: > On Tue, Oct 03, 2017 at 02:42:32PM -0700, Laura Abbott wrote: >> On 10/03/2017 09:48 AM, Mark Brown wrote: >>> On Mon, Oct 02, 2017 at 11:07:48AM -0700, Laura Abbott wrote: >>> Thinking about this a bit more, I'm not 100% sure if this will

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On Tue, Oct 03, 2017 at 02:42:32PM -0700, Laura Abbott wrote: > On 10/03/2017 09:48 AM, Mark Brown wrote: > > On Mon, Oct 02, 2017 at 11:07:48AM -0700, Laura Abbott wrote: > > > >> Thinking about this a bit more, I'm not 100% sure if this > >> will allow the security rules we want. Heap ids are

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On Tue, Oct 03, 2017 at 02:42:32PM -0700, Laura Abbott wrote: > On 10/03/2017 09:48 AM, Mark Brown wrote: > > On Mon, Oct 02, 2017 at 11:07:48AM -0700, Laura Abbott wrote: > > > >> Thinking about this a bit more, I'm not 100% sure if this > >> will allow the security rules we want. Heap ids are

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On 10/03/2017 09:48 AM, Mark Brown wrote: > On Mon, Oct 02, 2017 at 11:07:48AM -0700, Laura Abbott wrote: > >> Thinking about this a bit more, I'm not 100% sure if this >> will allow the security rules we want. Heap ids are assigned >> dynamically and therefore so will the /dev/ionX designation.

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On 10/03/2017 09:48 AM, Mark Brown wrote: > On Mon, Oct 02, 2017 at 11:07:48AM -0700, Laura Abbott wrote: > >> Thinking about this a bit more, I'm not 100% sure if this >> will allow the security rules we want. Heap ids are assigned >> dynamically and therefore so will the /dev/ionX designation.

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On Mon, Oct 02, 2017 at 11:07:48AM -0700, Laura Abbott wrote: > Thinking about this a bit more, I'm not 100% sure if this > will allow the security rules we want. Heap ids are assigned > dynamically and therefore so will the /dev/ionX designation. > From my understanding, security rules like

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On Mon, Oct 02, 2017 at 11:07:48AM -0700, Laura Abbott wrote: > Thinking about this a bit more, I'm not 100% sure if this > will allow the security rules we want. Heap ids are assigned > dynamically and therefore so will the /dev/ionX designation. > From my understanding, security rules like

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On 09/27/2017 06:20 AM, Benjamin Gaignard wrote: > Instead a getting only one common device "/dev/ion" for > all the heaps this patch allow to create one device > entry ("/dev/ionX") per heap. > Getting an entry per heap could allow to set security rules > per heap and global ones for all heaps. >

Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

On 09/27/2017 06:20 AM, Benjamin Gaignard wrote: > Instead a getting only one common device "/dev/ion" for > all the heaps this patch allow to create one device > entry ("/dev/ionX") per heap. > Getting an entry per heap could allow to set security rules > per heap and global ones for all heaps. >

[PATCH v5 2/2] staging: ion: create one device entry per heap

Instead a getting only one common device "/dev/ion" for all the heaps this patch allow to create one device entry ("/dev/ionX") per heap. Getting an entry per heap could allow to set security rules per heap and global ones for all heaps. Allocation requests will be only allowed if the mask_id

[PATCH v5 2/2] staging: ion: create one device entry per heap

Instead a getting only one common device "/dev/ion" for all the heaps this patch allow to create one device entry ("/dev/ionX") per heap. Getting an entry per heap could allow to set security rules per heap and global ones for all heaps. Allocation requests will be only allowed if the mask_id