From: Arnd Bergmann <arnd@arndb.de>
To: "Michał Mirosław" <mirqus@gmail.com>
Cc: John Calixto <john.calixto@modsystems.com>,
linux-mmc@vger.kernel.org, cjb@laptop.org
Subject: Re: [PATCH resend] mmc: Added ioctl to let userspace apps send ACMDs
Date: Sat, 19 Mar 2011 20:00:23 +0100 [thread overview]
Message-ID: <201103192000.24186.arnd@arndb.de> (raw)
In-Reply-To: <AANLkTinKon=D445PEHP2CzeL7OUpf_4y8j0-GA2nmZPt@mail.gmail.com>
On Saturday 19 March 2011, Michał Mirosław wrote:
> W dniu 18 marca 2011 20:26 użytkownik Arnd Bergmann <arnd@arndb.de> napisał:
> > On Friday 18 March 2011 18:56:53 Michał Mirosław wrote:
> >> If that's going to be used by possibly unprivileged userspace process,
> >> then this passthrough should filter and validate all commands it
> >> passes to hardware. If there is a possibility of some command sequence
> >> to generate undefined or otherwise unwanted results, then you need
> >> state tracker that will disallow that sequence to be generated by
> >> unprivileged process.
> > We have precedence for direct host commands in a few other
> > block drivers. In general, any user who can open the block
> > device can issue all commands unless they can directly destroy
> > the hardware. On normal systems, the only user that has write
> > access to block devices is root.
>
> In this case, a process having access to one partition can disrupt
> other partitions on the same card even if it has no access to them in
> any other way.
>
> It is not that unusual on "normal systems" to give write access to
> some partition or device to unprivileged users. Database volumes are
> one example.
We can probably restrict it to the actual block device, and disallow
the ioctl on partitions to avoid that problem.
Arnd
next prev parent reply other threads:[~2011-03-19 19:00 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-03-17 18:28 [PATCH resend] mmc: Added ioctl to let userspace apps send ACMDs John Calixto
2011-03-17 18:35 ` Ben Dooks
2011-03-17 21:55 ` Arnd Bergmann
2011-03-18 17:32 ` John Calixto
2011-03-18 17:56 ` Michał Mirosław
2011-03-18 19:26 ` Arnd Bergmann
2011-03-19 17:36 ` Michał Mirosław
2011-03-19 19:00 ` Arnd Bergmann [this message]
2011-03-21 18:37 ` John Calixto
2011-03-21 23:16 ` Michał Mirosław
2011-03-22 22:31 ` John Calixto
2011-03-23 0:18 ` Michał Mirosław
2011-03-23 0:44 ` John Calixto
2011-03-23 7:57 ` Arnd Bergmann
2011-03-18 19:25 ` Arnd Bergmann
2011-03-18 22:06 ` [PATCH resend] mmc: Added ioctl to let userspace apps send ACMD John Calixto
2011-03-19 11:52 ` Arnd Bergmann
2011-03-20 2:12 ` John Calixto
2011-03-20 5:11 ` Michał Mirosław
2011-03-21 12:25 ` Arnd Bergmann
2011-03-21 14:26 ` Andrei Warkentin
2011-03-21 18:22 ` John Calixto
2011-03-19 0:24 ` [PATCH resend] mmc: Added ioctl to let userspace apps send ACMDs John Calixto
2011-03-19 9:42 ` Arnd Bergmann
2011-03-19 16:09 ` Chris Ball
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201103192000.24186.arnd@arndb.de \
--to=arnd@arndb.de \
--cc=cjb@laptop.org \
--cc=john.calixto@modsystems.com \
--cc=linux-mmc@vger.kernel.org \
--cc=mirqus@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.