From: Paolo Bonzini <pbonzini@redhat.com>
To: Christoph Hellwig <hch@lst.de>, snitzer@redhat.com, axboe@kernel.dk
Cc: agk@redhat.com, dm-devel@redhat.com, linux-block@vger.kernel.org
Subject: Re: [PATCH v3] dm: don't allow ioctls to targets that don't map to whole devices
Date: Fri, 3 Feb 2017 08:56:40 -0800 [thread overview]
Message-ID: <aa7c07db-3dc7-0293-7ad1-901015a340fb@redhat.com> (raw)
In-Reply-To: <20170203163708.13943-1-hch@lst.de>
On 03/02/2017 08:37, Christoph Hellwig wrote:
> .. at least for unprivileged users. Before we called into the SCSI
> ioctl code to allow excemptions for a few SCSI passthrough ioctls,
> but this is pretty unsafe and except for this call dm knows nothing
> about SCSI ioctls.
>
> As the SCSI ioctl code is now optional, we really don't want to
> drag it in for DM, and the exception is not very useful anyway.
>
> Signed-off-by: Christoph Hellwig <hch@lst.de>
> Acked-by: Mike Snitzer <snitzer@redhat.com>
> ---
> drivers/md/dm.c | 13 ++++++++-----
> 1 file changed, 8 insertions(+), 5 deletions(-)
>
> diff --git a/drivers/md/dm.c b/drivers/md/dm.c
> index 9e958bc94fed..fd4331aa2e19 100644
> --- a/drivers/md/dm.c
> +++ b/drivers/md/dm.c
> @@ -465,13 +465,16 @@ static int dm_blk_ioctl(struct block_device *bdev, fmode_t mode,
>
> if (r > 0) {
> /*
> - * Target determined this ioctl is being issued against
> - * a logical partition of the parent bdev; so extra
> - * validation is needed.
> + * Target determined this ioctl is being issued against a
> + * subset of the parent bdev; require extra privileges.
> */
> - r = scsi_verify_blk_ioctl(NULL, cmd);
> - if (r)
> + if (!capable(CAP_SYS_RAWIO)) {
> + DMWARN_LIMIT(
> + "%s: sending ioctl %x to DM device without required privilege.\n",
> + current->comm, cmd);
> + r = -ENOIOCTLCMD;
> goto out;
> + }
> }
>
> r = __blkdev_driver_ioctl(bdev, mode, cmd, arg);
>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Thanks,
Paolo
prev parent reply other threads:[~2017-02-03 16:56 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-03 16:37 [PATCH v3] dm: don't allow ioctls to targets that don't map to whole devices Christoph Hellwig
2017-02-03 16:39 ` Mike Snitzer
2017-02-03 16:41 ` Christoph Hellwig
2017-02-03 18:17 ` Johannes Thumshirn
2017-02-03 21:41 ` Bart Van Assche
2017-02-06 7:29 ` Johannes Thumshirn
2017-02-03 16:56 ` Paolo Bonzini [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aa7c07db-3dc7-0293-7ad1-901015a340fb@redhat.com \
--to=pbonzini@redhat.com \
--cc=agk@redhat.com \
--cc=axboe@kernel.dk \
--cc=dm-devel@redhat.com \
--cc=hch@lst.de \
--cc=linux-block@vger.kernel.org \
--cc=snitzer@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).