* [PATCH] fix verify_command to allow burning more than 1 DVD
@ 2005-01-17 20:34 Michal Schmidt
2005-01-18 22:43 ` Peter Osterlund
2005-01-19 20:01 ` Dominique Simon
0 siblings, 2 replies; 5+ messages in thread
From: Michal Schmidt @ 2005-01-17 20:34 UTC (permalink / raw)
To: Jens Axboe; +Cc: Linux Kernel list
[-- Attachment #1: Type: text/plain, Size: 762 bytes --]
Hello,
I use K3B with growisofs to burn DVDs. After boot I can burn a DVD as a
normal user. But only the first one. When I want to burn another one,
K3B complains that it is unable to prevent media removal. Then only root
can burn DVDs.
The bug is in the kernel in the function verify_command.
When a process opens the DVD recorder with O_RDONLY and issues a command
which is marked safe_for_write, this function is supposed to just return
-EPERM and do nothing more. However, there is a bug that causes the
command to be marked as CMD_WARNED. From now on no non-privileged
process is able to issue this command even if it correctly opens the
device with O_RDWR - because the command is no longer marked as
CMD_WRITE_SAFE.
A patch is attached.
Michal
[-- Attachment #2: verify_command.patch --]
[-- Type: text/x-patch, Size: 490 bytes --]
--- linux-2.6.11-mm1/drivers/block/scsi_ioctl.c.orig 2005-01-17 20:42:40.000000000 +0100
+++ linux-2.6.11-mm1/drivers/block/scsi_ioctl.c 2005-01-17 20:43:14.000000000 +0100
@@ -197,9 +197,7 @@ static int verify_command(struct file *f
if (type & CMD_WRITE_SAFE) {
if (file->f_mode & FMODE_WRITE)
return 0;
- }
-
- if (!(type & CMD_WARNED)) {
+ } else if (!(type & CMD_WARNED)) {
cmd_type[cmd[0]] = CMD_WARNED;
printk(KERN_WARNING "scsi: unknown opcode 0x%02x\n", cmd[0]);
}
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] fix verify_command to allow burning more than 1 DVD
2005-01-17 20:34 [PATCH] fix verify_command to allow burning more than 1 DVD Michal Schmidt
@ 2005-01-18 22:43 ` Peter Osterlund
2005-01-19 0:44 ` Michal Schmidt
2005-01-19 20:01 ` Dominique Simon
1 sibling, 1 reply; 5+ messages in thread
From: Peter Osterlund @ 2005-01-18 22:43 UTC (permalink / raw)
To: Michal Schmidt; +Cc: Jens Axboe, Linux Kernel list
Michal Schmidt <xschmi00@stud.feec.vutbr.cz> writes:
> I use K3B with growisofs to burn DVDs. After boot I can burn a DVD as
> a normal user. But only the first one. When I want to burn another
> one, K3B complains that it is unable to prevent media removal. Then
> only root can burn DVDs.
> The bug is in the kernel in the function verify_command.
> When a process opens the DVD recorder with O_RDONLY and issues a
> command which is marked safe_for_write, this function is supposed to
> just return -EPERM and do nothing more. However, there is a bug that
> causes the command to be marked as CMD_WARNED. From now on no
> non-privileged process is able to issue this command even if it
> correctly opens the device with O_RDWR - because the command is no
> longer marked as CMD_WRITE_SAFE.
> A patch is attached.
>
> Michal
> --- linux-2.6.11-mm1/drivers/block/scsi_ioctl.c.orig 2005-01-17 20:42:40.000000000 +0100
> +++ linux-2.6.11-mm1/drivers/block/scsi_ioctl.c 2005-01-17 20:43:14.000000000 +0100
> @@ -197,9 +197,7 @@ static int verify_command(struct file *f
> if (type & CMD_WRITE_SAFE) {
> if (file->f_mode & FMODE_WRITE)
> return 0;
> - }
> -
> - if (!(type & CMD_WARNED)) {
> + } else if (!(type & CMD_WARNED)) {
> cmd_type[cmd[0]] = CMD_WARNED;
> printk(KERN_WARNING "scsi: unknown opcode 0x%02x\n", cmd[0]);
> }
That patch will not write the warning message in some cases. I think
this patch is better:
---
linux-petero/drivers/block/scsi_ioctl.c | 2 +-
1 files changed, 1 insertion(+), 1 deletion(-)
diff -puN drivers/block/scsi_ioctl.c~scsi-filter drivers/block/scsi_ioctl.c
--- linux/drivers/block/scsi_ioctl.c~scsi-filter 2005-01-18 23:38:37.966026728 +0100
+++ linux-petero/drivers/block/scsi_ioctl.c 2005-01-18 23:38:37.970026120 +0100
@@ -200,7 +200,7 @@ static int verify_command(struct file *f
}
if (!(type & CMD_WARNED)) {
- cmd_type[cmd[0]] = CMD_WARNED;
+ cmd_type[cmd[0]] |= CMD_WARNED;
printk(KERN_WARNING "scsi: unknown opcode 0x%02x\n", cmd[0]);
}
_
--
Peter Osterlund - petero2@telia.com
http://web.telia.com/~u89404340
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] fix verify_command to allow burning more than 1 DVD
2005-01-18 22:43 ` Peter Osterlund
@ 2005-01-19 0:44 ` Michal Schmidt
2005-01-19 7:25 ` Jens Axboe
0 siblings, 1 reply; 5+ messages in thread
From: Michal Schmidt @ 2005-01-19 0:44 UTC (permalink / raw)
To: Peter Osterlund; +Cc: Jens Axboe, Linux Kernel list
Peter Osterlund wrote:
> Michal Schmidt <xschmi00@stud.feec.vutbr.cz> writes:
>>--- linux-2.6.11-mm1/drivers/block/scsi_ioctl.c.orig 2005-01-17 20:42:40.000000000 +0100
>>+++ linux-2.6.11-mm1/drivers/block/scsi_ioctl.c 2005-01-17 20:43:14.000000000 +0100
>>@@ -197,9 +197,7 @@ static int verify_command(struct file *f
>> if (type & CMD_WRITE_SAFE) {
>> if (file->f_mode & FMODE_WRITE)
>> return 0;
>>- }
>>-
>>- if (!(type & CMD_WARNED)) {
>>+ } else if (!(type & CMD_WARNED)) {
>> cmd_type[cmd[0]] = CMD_WARNED;
>> printk(KERN_WARNING "scsi: unknown opcode 0x%02x\n", cmd[0]);
>> }
>
>
> That patch will not write the warning message in some cases.
Yes. In cases when the device is opened for reading and the command is
known as safe_for_write.
Do we really want to print this warning in that case?
> I think this patch is better:
>
> ---
>
> linux-petero/drivers/block/scsi_ioctl.c | 2 +-
> 1 files changed, 1 insertion(+), 1 deletion(-)
>
> diff -puN drivers/block/scsi_ioctl.c~scsi-filter drivers/block/scsi_ioctl.c
> --- linux/drivers/block/scsi_ioctl.c~scsi-filter 2005-01-18 23:38:37.966026728 +0100
> +++ linux-petero/drivers/block/scsi_ioctl.c 2005-01-18 23:38:37.970026120 +0100
> @@ -200,7 +200,7 @@ static int verify_command(struct file *f
> }
>
> if (!(type & CMD_WARNED)) {
> - cmd_type[cmd[0]] = CMD_WARNED;
> + cmd_type[cmd[0]] |= CMD_WARNED;
> printk(KERN_WARNING "scsi: unknown opcode 0x%02x\n", cmd[0]);
> }
>
> _
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] fix verify_command to allow burning more than 1 DVD
2005-01-19 0:44 ` Michal Schmidt
@ 2005-01-19 7:25 ` Jens Axboe
0 siblings, 0 replies; 5+ messages in thread
From: Jens Axboe @ 2005-01-19 7:25 UTC (permalink / raw)
To: Michal Schmidt; +Cc: Peter Osterlund, Linux Kernel list
On Wed, Jan 19 2005, Michal Schmidt wrote:
> Peter Osterlund wrote:
> >Michal Schmidt <xschmi00@stud.feec.vutbr.cz> writes:
> >>--- linux-2.6.11-mm1/drivers/block/scsi_ioctl.c.orig 2005-01-17
> >>20:42:40.000000000 +0100
> >>+++ linux-2.6.11-mm1/drivers/block/scsi_ioctl.c 2005-01-17
> >>20:43:14.000000000 +0100
> >>@@ -197,9 +197,7 @@ static int verify_command(struct file *f
> >> if (type & CMD_WRITE_SAFE) {
> >> if (file->f_mode & FMODE_WRITE)
> >> return 0;
> >>- }
> >>-
> >>- if (!(type & CMD_WARNED)) {
> >>+ } else if (!(type & CMD_WARNED)) {
> >> cmd_type[cmd[0]] = CMD_WARNED;
> >> printk(KERN_WARNING "scsi: unknown opcode 0x%02x\n", cmd[0]);
> >> }
> >
> >
> >That patch will not write the warning message in some cases.
>
> Yes. In cases when the device is opened for reading and the command is
> known as safe_for_write.
> Do we really want to print this warning in that case?
No, the command should only be dumped if it is unknown and denied.
--
Jens Axboe
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] fix verify_command to allow burning more than 1 DVD
2005-01-17 20:34 [PATCH] fix verify_command to allow burning more than 1 DVD Michal Schmidt
2005-01-18 22:43 ` Peter Osterlund
@ 2005-01-19 20:01 ` Dominique Simon
1 sibling, 0 replies; 5+ messages in thread
From: Dominique Simon @ 2005-01-19 20:01 UTC (permalink / raw)
To: linux-kernel
Am Montag, 17. Januar 2005 21:34 schrieb Michal Schmidt:
> The bug is in the kernel in the function verify_command.
Your patch works fine. Nasty bug that was...
Ciao
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2005-01-19 20:02 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-01-17 20:34 [PATCH] fix verify_command to allow burning more than 1 DVD Michal Schmidt
2005-01-18 22:43 ` Peter Osterlund
2005-01-19 0:44 ` Michal Schmidt
2005-01-19 7:25 ` Jens Axboe
2005-01-19 20:01 ` Dominique Simon
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox