From: Paolo Bonzini <pbonzini@redhat.com>
To: Mike Snitzer <snitzer@redhat.com>
Cc: hch@lst.de,
Mauricio Faria de Oliveira <mauricfo@linux.vnet.ibm.com>,
dm-devel@redhat.com, hare@suse.de, linux-scsi@vger.kernel.org
Subject: Re: IBM request to allow unprivledged ioctls [Was: Revert "dm mpath: fix stalls when handling invalid ioctls"]
Date: Mon, 2 Nov 2015 10:55:40 +0100 [thread overview]
Message-ID: <5637331C.3060908@redhat.com> (raw)
In-Reply-To: <20151031224707.GA12805@redhat.com>
On 31/10/2015 23:47, Mike Snitzer wrote:
> Yes, with your commit ec8013be ("dm: do not forward ioctls from logical
> volumes to the underlying device") you added protections to disallow
> issuing ioctls to a partition that could impact the rest of the device.
>
> Given that I can see why you're seizing on the "ti->len !=
> i_size_read(bdev->bd_inode) >> SECTOR_SHIFT" negative checks that gate
> the call to scsi_verify_blk_ioctl().
Right.
> For Hannes, and in my head, it didn't matter if a future bdev satisfies
> the length condition.
I agree actually. The only problem is that the returned errno value is
ENOTTY, and to userspace that "sounds like" a future bdev will not make
the ioctl valid.
> I could've sworn that unprivledged users (without CAP_SYS_RAWIO)
> wouldn't be allowed to issue ioctls. Am I completely mistaken?
They are allowed to issue ioctls.
CAP_SYS_RAWIO changes that to also allow issuing of ioctls to
partitions. That was required by Linus for backwards compatibility.
> Or is
> it still contentious and DM-mpath removing the ability to allow these
> unprivledged ioctls (as a side-effect of Hannes' commit ec8013be) makes
> your life, and other virt users' lives, harder?
Yes, it would. virt runs as an unprivileged user (so does CD burning,
which was the original reason to let SG_IO run by unprivileged users;
there are probably other use cases).
Paolo
prev parent reply other threads:[~2015-11-02 9:55 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1446121463-17828-1-git-send-email-mauricfo@linux.vnet.ibm.com>
2015-10-29 13:18 ` IBM request to allow unprivledged ioctls [Was: Revert "dm mpath: fix stalls when handling invalid ioctls"] Mike Snitzer
2015-10-29 14:47 ` [dm-devel] " Mauricio Faria de Oliveira
2015-10-31 15:33 ` Paolo Bonzini
2015-10-31 18:13 ` Mike Snitzer
2015-10-31 18:36 ` Mike Snitzer
2015-10-31 19:07 ` Paolo Bonzini
2015-10-31 22:47 ` Mike Snitzer
2015-11-02 7:28 ` Hannes Reinecke
2015-11-02 9:57 ` Paolo Bonzini
2015-11-02 13:31 ` Mike Snitzer
2015-11-02 13:56 ` Hannes Reinecke
2015-11-02 14:12 ` Mike Snitzer
2015-11-02 14:36 ` Hannes Reinecke
2015-11-02 15:14 ` Mike Snitzer
2015-11-02 15:29 ` Hannes Reinecke
2015-11-02 14:52 ` Paolo Bonzini
2015-11-02 15:05 ` Mike Snitzer
2015-11-02 15:45 ` Paolo Bonzini
2015-11-02 15:49 ` Mike Snitzer
2015-11-02 15:32 ` Hannes Reinecke
2015-11-02 9:55 ` Paolo Bonzini [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5637331C.3060908@redhat.com \
--to=pbonzini@redhat.com \
--cc=dm-devel@redhat.com \
--cc=hare@suse.de \
--cc=hch@lst.de \
--cc=linux-scsi@vger.kernel.org \
--cc=mauricfo@linux.vnet.ibm.com \
--cc=snitzer@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).