From 1651d9e7810e79500b4940122e192b8aaeb2d63c Mon Sep 17 00:00:00 2001
From: Rajat Jain <rajatja@google.com>
Date: Fri, 30 Jul 2021 16:53:04 -0700
Subject: [PATCH] thunderbolt: Add authorized value to the KOBJ_CHANGE uevent
Git-commit: 1651d9e7810e79500b4940122e192b8aaeb2d63c
References: jsc#SLE-19359
Patch-mainline: v5.15-rc1
For security reasons, we would like to monitor and track when the
Thunderbolt devices are authorized and deauthorized (i.e. when the
Thunderbolt sysfs "authorized" attribute changes). Currently the
userspace gets a udev change notification when there is a change, but
the state may have changed (again) by the time we look at the authorized
attribute in sysfs. So an authorization event may go unnoticed. Thus
make it easier by informing the actual change (new value of authorized
attribute) in the udev change notification.
The change is included as a key value "authorized=<val>" where <val>
is the new value of sysfs attribute "authorized", and is described at
Documentation/ABI/testing/sysfs-bus-thunderbolt under
/sys/bus/thunderbolt/devices/.../authorized.
Signed-off-by: Rajat Jain <rajatja@google.com>
Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com>
Signed-off-by: Oliver Neukum <oneukum@suse.com>
---
drivers/thunderbolt/switch.c | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/drivers/thunderbolt/switch.c b/drivers/thunderbolt/switch.c
index 83b1ef3d5d03..bc91887f24c3 100644
--- a/drivers/thunderbolt/switch.c
+++ b/drivers/thunderbolt/switch.c
@@ -1498,6 +1498,7 @@ static ssize_t authorized_show(struct device *dev,
static int disapprove_switch(struct device *dev, void *not_used)
{
+ char *envp[] = { "AUTHORIZED=0", NULL };
struct tb_switch *sw;
sw = tb_to_switch(dev);
@@ -1514,7 +1515,7 @@ static int disapprove_switch(struct device *dev, void *not_used)
return ret;
sw->authorized = 0;
- kobject_uevent(&sw->dev.kobj, KOBJ_CHANGE);
+ kobject_uevent_env(&sw->dev.kobj, KOBJ_CHANGE, envp);
}
return 0;
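Review bot: The return value of `kobject_uevent_env()` is discarded at the changed call in disapprove_switch(), and again at the call added in the `@@ -1559` hunk of tb_switch_set_authorized(). Since the stated purpose is security monitoring of authorization changes, a failed emission (the call returns a negative errno) would leave userspace with no record of the transition. Consider at least logging it, e.g. `if (kobject_uevent_env(&sw->dev.kobj, KOBJ_CHANGE, envp)) dev_warn(&sw->dev, "failed to send authorization uevent\n");`, and documenting that listeners should still reconcile against the sysfs attribute. The body of disapprove_switch() starts before this hunk and is only partly visible here.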
@@ -1522,7 +1523,9 @@ static int disapprove_switch(struct device *dev, void *not_used)
static int tb_switch_set_authorized(struct tb_switch *sw, unsigned int val)
{
+ char envp_string[13];
int ret = -EINVAL;
+ char *envp[] = { envp_string, NULL };
if (!mutex_trylock(&sw->tb->lock))
return restart_syscall();
@@ -1559,8 +1562,12 @@ static int tb_switch_set_authorized(struct tb_switch *sw, unsigned int val)
if (!ret) {
sw->authorized = val;
- /* Notify status change to the userspace */
- kobject_uevent(&sw->dev.kobj, KOBJ_CHANGE);
+ /*
+ * Notify status change to the userspace, informing the new
+ * value of /sys/bus/thunderbolt/devices/.../authorized.
+ */
+ sprintf(envp_string, "AUTHORIZED=%u", sw->authorized);
+ kobject_uevent_env(&sw->dev.kobj, KOBJ_CHANGE, envp);
}
unlock:
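Review bot: The `sprintf()` into `envp_string` is unbounded, and the 13-byte buffer declared in the `@@ -1522` hunk only fits `AUTHORIZED=` plus a single digit and the terminator. That is safe only while `sw->authorized` stays a one-digit value, which depends on range checks on `val` that are not visible in this hunk; a wider value formatted with `%u` would write past the stack buffer. Bounding the write keeps the function safe regardless of its callers: `snprintf(envp_string, sizeof(envp_string), "AUTHORIZED=%u", sw->authorized);`. The commit message describes the key as `authorized=<val>` while the code emits upper-case `AUTHORIZED=`, so a short comment naming the exact key that udev rules should match would help. tb_switch_set_authorized() continues outside the hunk.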
--
2.26.2