On Fri, 10 Apr 2026, Krzysztof Wilczyński wrote:

> Currently, the __resource_resize_store() allows writing to the
> resourceN_resize sysfs attribute to change a BAR's size without
> checking for capabilities, currently relying only on the file
> access check.
> 
> Resizing a BAR modifies PCI device configuration and can disrupt
> active drivers.  After the upcoming conversion to static attributes,
> it will also trigger resource file updates via sysfs_update_groups().
> 
> Thus, add a CAP_SYS_ADMIN check to prevent unprivileged users from
> performing BAR resize operations.
> 
> Signed-off-by: Krzysztof Wilczyński <kwilczynski@kernel.org>
> ---
>  drivers/pci/pci-sysfs.c | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c
> index ac4e7c516e78..6b8c8e62f68a 100644
> --- a/drivers/pci/pci-sysfs.c
> +++ b/drivers/pci/pci-sysfs.c
> @@ -1619,6 +1619,9 @@ static ssize_t __resource_resize_store(struct device *dev, int n,
>  	int ret;
>  	u16 cmd;
>  
> +	if (!capable(CAP_SYS_ADMIN))
> +		return -EPERM;
> +
>  	if (kstrtoul(buf, 0, &size) < 0)
>  		return -EINVAL;
>  
> 

Reviewed-by: Ilpo Järvinen <ilpo.jarvinen@linux.intel.com>

-- 
 i.