From: Bjorn Helgaas <helgaas@kernel.org>
To: "Krzysztof Wilczyński" <kw@linux.com>
Cc: Bjorn Helgaas <bhelgaas@google.com>,
Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>,
Kishon Vijay Abraham I <kishon@ti.com>,
linux-pci@vger.kernel.org
Subject: Re: [PATCH 2/4] PCI/sysfs: Check CAP_SYS_ADMIN before parsing user input
Date: Tue, 14 Sep 2021 15:40:14 -0500 [thread overview]
Message-ID: <20210914204014.GA1455147@bjorn-Precision-5520> (raw)
In-Reply-To: <20210705212308.3050976-2-kw@linux.com>
On Mon, Jul 05, 2021 at 09:23:06PM +0000, Krzysztof Wilczyński wrote:
> Check if the "CAP_SYS_ADMIN" capability flag is set before parsing user
> input as it makes more sense to first check whether the current user
> actually has the right permissions before accepting any input from such
> user.
>
> This will also make order in which enable_store() and msi_bus_store()
> perform the "CAP_SYS_ADMIN" capability check consistent with other
> PCI-related sysfs objects that first verify whether user has this
> capability set.
I like this one. Can you rebase it to skip patch 1/4 (unless you
convince me that 1/4 is safe)?
> Signed-off-by: Krzysztof Wilczyński <kw@linux.com>
> ---
> drivers/pci/pci-sysfs.c | 12 ++++++------
> 1 file changed, 6 insertions(+), 6 deletions(-)
>
> diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c
> index 0f98c4843764..bc4c141e4c1c 100644
> --- a/drivers/pci/pci-sysfs.c
> +++ b/drivers/pci/pci-sysfs.c
> @@ -275,13 +275,13 @@ static ssize_t enable_store(struct device *dev, struct device_attribute *attr,
> struct pci_dev *pdev = to_pci_dev(dev);
> ssize_t result = 0;
>
> - if (kstrtobool(buf, &enable) < 0)
> - return -EINVAL;
> -
> /* this can crash the machine when done on the "wrong" device */
> if (!capable(CAP_SYS_ADMIN))
> return -EPERM;
>
> + if (kstrtobool(buf, &enable) < 0)
> + return -EINVAL;
> +
> device_lock(dev);
> if (dev->driver)
> result = -EBUSY;
> @@ -377,12 +377,12 @@ static ssize_t msi_bus_store(struct device *dev, struct device_attribute *attr,
> struct pci_dev *pdev = to_pci_dev(dev);
> struct pci_bus *subordinate = pdev->subordinate;
>
> - if (kstrtobool(buf, &enable) < 0)
> - return -EINVAL;
> -
> if (!capable(CAP_SYS_ADMIN))
> return -EPERM;
>
> + if (kstrtobool(buf, &enable) < 0)
> + return -EINVAL;
> +
> /*
> * "no_msi" and "bus_flags" only affect what happens when a driver
> * requests MSI or MSI-X. They don't affect any drivers that have
> --
> 2.32.0
>
next prev parent reply other threads:[~2021-09-14 20:40 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-05 21:23 [PATCH 1/4] PCI/sysfs: Move to kstrtobool() to handle user input Krzysztof Wilczyński
2021-07-05 21:23 ` [PATCH 2/4] PCI/sysfs: Check CAP_SYS_ADMIN before parsing " Krzysztof Wilczyński
2021-09-14 20:40 ` Bjorn Helgaas [this message]
2021-09-15 1:15 ` Krzysztof Wilczyński
2021-07-05 21:23 ` [PATCH 3/4] PCI/sysfs: Return -EINVAL consistently from "store" functions Krzysztof Wilczyński
2021-07-06 0:24 ` kernel test robot
2021-07-06 0:35 ` Krzysztof Wilczyński
2021-07-05 21:23 ` [PATCH 4/4] PCI: Don't use the strtobool() wrapper for kstrtobool() Krzysztof Wilczyński
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210914204014.GA1455147@bjorn-Precision-5520 \
--to=helgaas@kernel.org \
--cc=bhelgaas@google.com \
--cc=kishon@ti.com \
--cc=kw@linux.com \
--cc=linux-pci@vger.kernel.org \
--cc=lorenzo.pieralisi@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox