Linux-NVME Archive on lore.kernel.org
* [PATCH] nvme: look up proper namespace in NVME_IOCTL_IO_CMD
@ 2019-09-28  2:15 Minwoo Im
  2019-09-29 17:36 ` Keith Busch
  0 siblings, 1 reply; 4+ messages in thread
From: Minwoo Im @ 2019-09-28  2:15 UTC (permalink / raw)
  To: Keith Busch, Jens Axboe, Christoph Hellwig, Sagi Grimberg
  Cc: Minwoo Im, linux-nvme

NVME_IOCTL_IO_CMD is deprecated because IO request for a chardev is
unsafe.  But in case userspace gives nsid, kernel should at least look
up the proper namespace instance instead of getting the first entry and
checking whether it's the last one.

Signed-off-by: Minwoo Im <minwoo.im.dev@gmail.com>
---
 drivers/nvme/host/core.c | 29 ++++++++---------------------
 1 file changed, 8 insertions(+), 21 deletions(-)

diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c
index fd7dea36c3b6..5bb29c932d31 100644
--- a/drivers/nvme/host/core.c
+++ b/drivers/nvme/host/core.c
@@ -93,6 +93,8 @@ static int nvme_revalidate_disk(struct gendisk *disk);
 static void nvme_put_subsystem(struct nvme_subsystem *subsys);
 static void nvme_remove_invalid_namespaces(struct nvme_ctrl *ctrl,
 					   unsigned nsid);
+static struct nvme_ns *nvme_find_get_ns(struct nvme_ctrl *ctrl,
+					unsigned int nsid);
 
 static void nvme_set_queue_dying(struct nvme_ns *ns)
 {
@@ -2888,33 +2890,18 @@ static int nvme_dev_user_cmd(struct nvme_ctrl *ctrl, void __user *argp)
 {
 	struct nvme_ns *ns;
 	int ret;
+	struct nvme_passthru_cmd cmd;
 
-	down_read(&ctrl->namespaces_rwsem);
-	if (list_empty(&ctrl->namespaces)) {
-		ret = -ENOTTY;
-		goto out_unlock;
-	}
-
-	ns = list_first_entry(&ctrl->namespaces, struct nvme_ns, list);
-	if (ns != list_last_entry(&ctrl->namespaces, struct nvme_ns, list)) {
-		dev_warn(ctrl->device,
-			"NVME_IOCTL_IO_CMD not supported when multiple namespaces present!\n");
-		ret = -EINVAL;
-		goto out_unlock;
-	}
+	if (copy_from_user(&cmd, argp, sizeof(cmd)))
+		return -EFAULT;
 
-	dev_warn(ctrl->device,
-		"using deprecated NVME_IOCTL_IO_CMD ioctl on the char device!\n");
-	kref_get(&ns->kref);
-	up_read(&ctrl->namespaces_rwsem);
+	ns = nvme_find_get_ns(ctrl, cmd.nsid);
+	if (!ns)
+		return -ENOTTY;
 
 	ret = nvme_user_cmd(ctrl, ns, argp);
 	nvme_put_ns(ns);
 	return ret;
-
-out_unlock:
-	up_read(&ctrl->namespaces_rwsem);
-	return ret;
 }
 
 static long nvme_dev_ioctl(struct file *file, unsigned int cmd,
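
Review bot: In nvme_dev_user_cmd(), the namespace is now selected from the user-supplied cmd.nsid while the list_first_entry()/list_last_entry() single-namespace check and both dev_warn() calls are dropped, so the only gate left on which namespace receives I/O is the ability to open the controller char device, and the deprecation warning disappears without the commit message saying so. Either keep the single-namespace restriction and the warning, or state in the changelog what access check makes `ns = nvme_find_get_ns(ctrl, cmd.nsid);` safe. Also, `cmd` is copied with copy_from_user() only to read nsid, while `ret = nvme_user_cmd(ctrl, ns, argp);` still receives the raw user pointer; if that function fetches the command from userspace again, the nsid used for the lookup and the nsid in the submitted command can differ, so pass the already copied command down or re-check its nsid against ns. Finally, a controller with several namespaces used to get -EINVAL here and now gets either a successful lookup or -ENOTTY, which is a user-visible change that existing callers may depend on.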
-- 
2.17.1


_______________________________________________
Linux-nvme mailing list
Linux-nvme@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-nvme


* Re: [PATCH] nvme: look up proper namespace in NVME_IOCTL_IO_CMD
  2019-09-28  2:15 [PATCH] nvme: look up proper namespace in NVME_IOCTL_IO_CMD Minwoo Im
@ 2019-09-29 17:36 ` Keith Busch
  2019-09-29 19:18   ` Christoph Hellwig
       [not found]   ` <CGME20190929191846epcas5p10576f659553b0a1f189dcdf0cefb5c97@epcms2p3>
  0 siblings, 2 replies; 4+ messages in thread
From: Keith Busch @ 2019-09-29 17:36 UTC (permalink / raw)
  To: Minwoo Im; +Cc: Jens Axboe, Christoph Hellwig, linux-nvme, Sagi Grimberg

On Sat, Sep 28, 2019 at 11:15:00AM +0900, Minwoo Im wrote:
> NVME_IOCTL_IO_CMD is deprecated because IO request for a chardev is
> unsafe.  But in case userspace gives nsid, kernel should at least look
> up the proper namespace instance instead of getting the first entry and
> checking whether it's the last one.

This pretty much defeats the purpose of discouraging using this interface, and
possibly opens security issues if someone can issue IO to a device they
shouldn't be able to access.


* Re: [PATCH] nvme: look up proper namespace in NVME_IOCTL_IO_CMD
  2019-09-29 17:36 ` Keith Busch
@ 2019-09-29 19:18   ` Christoph Hellwig
       [not found]   ` <CGME20190929191846epcas5p10576f659553b0a1f189dcdf0cefb5c97@epcms2p3>
  1 sibling, 0 replies; 4+ messages in thread
From: Christoph Hellwig @ 2019-09-29 19:18 UTC (permalink / raw)
  To: Keith Busch
  Cc: Jens Axboe, Minwoo Im, Christoph Hellwig, linux-nvme, Sagi Grimberg

On Sun, Sep 29, 2019 at 11:36:54AM -0600, Keith Busch wrote:
> On Sat, Sep 28, 2019 at 11:15:00AM +0900, Minwoo Im wrote:
> > NVME_IOCTL_IO_CMD is deprecated because IO request for a chardev is
> > unsafe.  But in case userspace gives nsid, kernel should at least look
> > up the proper namespace instance instead of getting the first entry and
> > checking whether it's the last one.
> 
> This pretty much defeats the purpose of discouraging using this interface, and
> possibly opens security issues if someone can issue IO to a device they
> shouldn't be able to access.

It also breaks any old user relying on the fact that the nsid is
ignored.


* Re: [PATCH] nvme: look up proper namespace in NVME_IOCTL_IO_CMD
       [not found]   ` <CGME20190929191846epcas5p10576f659553b0a1f189dcdf0cefb5c97@epcms2p3>
@ 2019-10-06  2:58     ` Minwoo Im
  0 siblings, 0 replies; 4+ messages in thread
From: Minwoo Im @ 2019-10-06  2:58 UTC (permalink / raw)
  To: Keith Busch, Minwoo Im, Christoph Hellwig
  Cc: Jens Axboe, Sagi Grimberg, linux-nvme, Minwoo Im

> > > NVME_IOCTL_IO_CMD is deprecated because IO request for a chardev is
> > > unsafe.  But in case userspace gives nsid, kernel should at least look
> > > up the proper namespace instance instead of getting the first entry and
> > > checking whether it's the last one.
> >
> > This pretty much defeats the purpose of discouraging using this interface, and
> > possibly opens security issues if someone can issue IO to a device they
> > shouldn't be able to access.
> 
> It also breaks any old user relying on the fact that the nsid is
> ignored.

Oh yes, it breaks the purpose for the deprecation. Will not try to use I/O
with chardev with nsid specified which can give improper nsid from the
userspace.


Thanks, Keith and Christoph
