From: hooanon05-/E1597aS9LR3+QwDJ9on6Q@public.gmane.org
To: Andrew Morton <akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>
Cc: Linus Torvalds
<torvalds-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>,
akinobu.mita-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org,
hch-jcswGhMUV9g@public.gmane.org,
jens.axboe-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org,
kzak-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
tomas-VOkecuvH9Oc@public.gmane.org,
util-linux-ng-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
viro-RmSDqhL/yNMiFSDQTTA3OLVCufUGDwFn@public.gmane.org
Subject: Re: [patch 260/266] loop: add ioctl to resize a loop device
Date: Wed, 07 Jan 2009 15:13:46 +0900 [thread overview]
Message-ID: <31718.1231308826@jrobl> (raw)
In-Reply-To: <20090106160414.b165d452.akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>
Andrew Morton:
> > There is apparently no security checking here. No way can we allow this
> > for any random user that can open the loopback device read-only and then
> > just change its size.
> >
> > It needs to use all the same security checks as "loop_set_status()" and
> > friends, afaik.
> >
>
> oops, didn't think of that.
I will add some security checks and send a new patch. But it may not be
purely same to loop_set_status() since the checks for encrypt_key or
something is unnecessary.
> This can overflow if sector_t is 32-bit. Fix with:
>
> sz = (loff_t)sec << 9;
I will fix and send it too.
J. R. Okajima
--
To unsubscribe from this list: send the line "unsubscribe linux-api" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2009-01-07 6:13 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-01-06 22:43 [patch 260/266] loop: add ioctl to resize a loop device akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b
[not found] ` <200901062243.n06Mh7HR004493-AB4EexQrvXRQetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org>
2009-01-06 23:58 ` Linus Torvalds
[not found] ` <alpine.LFD.2.00.0901061554140.8799-bi+AKbBUZKY6gyzm1THtWbp2dZbC/Bob@public.gmane.org>
2009-01-07 0:04 ` Andrew Morton
[not found] ` <20090106160414.b165d452.akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>
2009-01-07 6:13 ` hooanon05-/E1597aS9LR3+QwDJ9on6Q [this message]
2009-01-07 6:14 ` [PATCH 1/2] security check for LOOP_SET_CAPACITY J. R. Okajima
2009-01-07 6:14 ` [PATCH 2/2] LOOP_SET_CAPACITY sector_t may be narrow for bit-shfit J. R. Okajima
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=31718.1231308826@jrobl \
--to=hooanon05-/e1597as9lr3+qwdj9on6q@public.gmane.org \
--cc=akinobu.mita-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
--cc=akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org \
--cc=hch-jcswGhMUV9g@public.gmane.org \
--cc=jens.axboe-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org \
--cc=kzak-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=tomas-VOkecuvH9Oc@public.gmane.org \
--cc=torvalds-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org \
--cc=util-linux-ng-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=viro-RmSDqhL/yNMiFSDQTTA3OLVCufUGDwFn@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.