From: Paolo Bonzini <pbonzini@redhat.com>
To: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: Jan Kara <jack@suse.cz>, Jens Axboe <axboe@kernel.dk>,
LKML <linux-kernel@vger.kernel.org>,
James Bottomley <JBottomley@parallels.com>,
linux-scsi@vger.kernel.org
Subject: Re: [PATCH] scsi: Silence unnecessary warnings about ioctl to partition
Date: Wed, 02 May 2012 13:02:44 +0200 [thread overview]
Message-ID: <4FA11454.2010103@redhat.com> (raw)
In-Reply-To: <20120502115447.7dcc3a54@pyramind.ukuu.org.uk>
Il 02/05/2012 12:54, Alan Cox ha scritto:
>>> > > Since I have seen warnings from lots of commands, including some proprietary
>>> > > userspace applications, I don't think disallowing the ioctls for processes
>>> > > with CAP_SYS_RAWIO will happen in the near future if ever. So lets just
>>> > > stop warning for processes with CAP_SYS_RAWIO for which ioctl is allowed.
>> >
>> > NACK. I would bet that all the warnings you've seen are for ioctl that
>> > would have failed anyway with ENOTTY.
> Then we don't need the bogus warning do we.
Sure, but then disallowing the ioctls for processes with CAP_SYS_RAWIO
will not cause regressions and _can_ happen. The transition period only
needs to be prolonged for SG_IO, the only one that was reported in the
wild, until people have time to fix their bugs or (I hope not) we give
up and implement a very restrictive filter for SCSI commands sent to
partition.
The right patch is one that prepares for these step,
http://permalink.gmane.org/gmane.linux.kernel/1254625 for example. It
leaves the warning only for SG_IO, and silently blocks the rest (more
rationale in the commit message there).
However, that patch should be applied only at the beginning of the merge
window, not at the end of the release cycle.
Paolo
next prev parent reply other threads:[~2012-05-02 11:03 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-05-02 10:10 [PATCH] scsi: Silence unnecessary warnings about ioctl to partition Jan Kara
2012-05-02 10:15 ` Paolo Bonzini
2012-05-02 10:37 ` Jens Axboe
2012-05-02 10:54 ` Alan Cox
2012-05-02 11:02 ` Paolo Bonzini [this message]
2012-05-02 11:12 ` Alan Cox
2012-05-02 11:24 ` Paolo Bonzini
2012-05-02 12:05 ` Alan Cox
2012-05-02 12:23 ` Paolo Bonzini
2012-05-02 19:38 ` Mark Lord
2012-05-03 7:47 ` Paolo Bonzini
2012-05-03 12:40 ` Mark Lord
2012-05-03 12:47 ` Paolo Bonzini
2012-05-03 17:36 ` Mark Lord
2012-05-04 6:39 ` Paolo Bonzini
2012-05-04 13:06 ` Mark Lord
2012-05-04 13:08 ` Paolo Bonzini
2012-05-04 13:11 ` Mark Lord
2012-05-04 13:24 ` Mark Lord
2012-05-02 13:51 ` Jan Kara
2012-05-02 13:59 ` Paolo Bonzini
2012-05-02 15:10 ` Alan Cox
2012-05-02 15:49 ` Paolo Bonzini
2012-05-02 20:49 ` Paolo Bonzini
2012-05-02 19:49 ` Jan Kara
2012-05-02 21:16 ` Paolo Bonzini
2012-06-15 8:14 ` Paolo Bonzini
2012-06-15 8:46 ` Jan Kara
-- strict thread matches above, loose matches on Subject: below --
2012-06-15 10:50 Jan Kara
2012-06-15 10:51 ` Jens Axboe
2012-06-15 13:58 ` Nick Bowler
2012-06-15 14:22 ` Paolo Bonzini
2012-06-15 14:23 ` Jan Kara
2012-06-15 14:31 ` Nick Bowler
2012-06-15 11:00 ` Alan Cox
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4FA11454.2010103@redhat.com \
--to=pbonzini@redhat.com \
--cc=JBottomley@parallels.com \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=axboe@kernel.dk \
--cc=jack@suse.cz \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-scsi@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).