From: Paolo Bonzini <pbonzini@redhat.com>
To: Tejun Heo <tj@kernel.org>
Cc: linux-kernel@vger.kernel.org, pmatouse@redhat.com,
"James E.J. Bottomley" <JBottomley@parallels.com>,
linux-scsi@kernel.org, Jens Axboe <axboe@kernel.dk>
Subject: Re: [PATCH 06/13] sg_io: whitelist a few more commands for multimedia devices
Date: Fri, 25 Jan 2013 18:57:20 +0100 [thread overview]
Message-ID: <5102C780.3090402@redhat.com> (raw)
In-Reply-To: <20130125172805.GG3081@htj.dyndns.org>
Il 25/01/2013 18:28, Tejun Heo ha scritto:
> On Fri, Jan 25, 2013 at 06:16:04PM +0100, Paolo Bonzini wrote:
>> > Well, you can find broken devices for pretty much every command in the
>> > list. Anyhow, the other two commands are obsolete so I'm okay with
>> > leaving them out, if only for the sake of avoiding useless email threads.
> Once we open the commands to userland this way, it's difficult to
> throttle it back again.
I think the right place to throttle them back would be with a per-device
quirk, but I understand being conservative since we're talking about two
obsolete commands.
> I just fail to see the point of allowing
> everything possible. There's a way to override it (is that in yet?)
No, it's not. I made it patch 13/13 in this series.
> and we can always extend the list later, so please do the minimal set
> with justification
I cannot really give justification for single commands. What this is
going to be used for is virt, but I cannot know of all OSes and all
proprietary software in the wild. You have to some extent accept that
if it is in the standard, somebody had the need for it, usually a big
database vendor.
And because someone _will_ use it from my point of view, I can only give
justification to leave stuff _out_. In general I did so if the command
can disrupt someone else, as would be the case for persistent
reservations. It was not really always respected for the existing
table, for example I'd have left out LOG SELECT, but the series is
already controversial enough, so one thing at a time.
I put these three commands in because I wanted to include somewhere all
the commands that were in my list, and I had no reason to leave them
out. Two of them are obsolete, so if you prefer to keep them out I'll
move them, end of the story. :)
> and can you please stop labeling reviews as "useless"?
Reviews are not useless, but championing the inclusion of two obsolete
commands in a list is not a good use of bandwidth. Because the choice
is arbitrary, the discussion can degenerate too easily into repeatedly
saying the same thing over and over. All I'm trying to do is avoid it.
Paolo
next prev parent reply other threads:[~2013-01-25 17:57 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-01-24 15:00 [PATCH 00/13] Corrections and customization of the SG_IO command whitelist (CVE-2012-4542) Paolo Bonzini
2013-01-24 15:00 ` [PATCH 01/13] sg_io: pass request_queue to blk_verify_command Paolo Bonzini
2013-01-24 22:34 ` Tejun Heo
2013-01-24 15:00 ` [PATCH 02/13] sg_io: reorganize list of allowed commands Paolo Bonzini
2013-01-24 22:42 ` Tejun Heo
2013-01-24 22:49 ` Tejun Heo
2013-01-24 22:58 ` Tejun Heo
2013-01-25 10:01 ` Paolo Bonzini
2013-01-25 17:13 ` Tejun Heo
2013-01-25 17:26 ` Paolo Bonzini
2013-01-24 15:00 ` [PATCH 03/13] sg_io: use different default filters for each device class Paolo Bonzini
2013-01-24 15:00 ` [PATCH 04/13] sg_io: resolve conflicts between commands assigned to multiple classes (CVE-2012-4542) Paolo Bonzini
2013-01-24 15:00 ` [PATCH 05/13] sg_io: whitelist a few more commands for rare & obsolete device types Paolo Bonzini
2013-01-24 15:00 ` [PATCH 06/13] sg_io: whitelist a few more commands for multimedia devices Paolo Bonzini
2013-01-24 22:55 ` Tejun Heo
2013-01-25 9:26 ` Paolo Bonzini
2013-01-25 17:04 ` Tejun Heo
2013-01-25 17:16 ` Paolo Bonzini
2013-01-25 17:28 ` Tejun Heo
2013-01-25 17:57 ` Paolo Bonzini [this message]
2013-01-25 18:13 ` Tejun Heo
2013-01-25 18:47 ` Paolo Bonzini
2013-01-25 19:01 ` Tejun Heo
2013-01-25 22:32 ` Paolo Bonzini
2013-01-25 22:41 ` Tejun Heo
2013-01-25 23:32 ` Paolo Bonzini
2013-01-25 23:47 ` Tejun Heo
2013-01-26 10:18 ` Paolo Bonzini
2013-01-24 15:00 ` [PATCH 07/13] sg_io: whitelist a few more commands for media changers Paolo Bonzini
2013-01-24 15:00 ` [PATCH 08/13] sg_io: whitelist a few more commands for tapes Paolo Bonzini
2013-01-24 15:00 ` [PATCH 09/13] sg_io: whitelist a few more commands for disks Paolo Bonzini
2013-01-24 15:00 ` [PATCH 10/13] sg_io: whitelist a few obsolete commands Paolo Bonzini
2013-01-24 15:00 ` [PATCH 11/13] sg_io: add list of commands that were in the consulted list but are disabled Paolo Bonzini
2013-01-24 15:00 ` [PATCH 12/13] sg_io: remove remnants of sysfs SG_IO filters Paolo Bonzini
2013-01-24 15:00 ` [PATCH 13/13] sg_io: introduce unpriv_sgio queue flag Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5102C780.3090402@redhat.com \
--to=pbonzini@redhat.com \
--cc=JBottomley@parallels.com \
--cc=axboe@kernel.dk \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-scsi@kernel.org \
--cc=pmatouse@redhat.com \
--cc=tj@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).