linux-kernel.vger.kernel.org archive mirror
From: Ben Hutchings <ben@decadent.org.uk>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: stable@vger.kernel.org,
	Linus Torvalds <torvalds@linux-foundation.org>,
	linux-kernel@vger.kernel.org, Petr Matousek <pmatouse@redhat.com>,
	linux-scsi@vger.kernel.org, Jens Axboe <axboe@kernel.dk>,
	James Bottomley <JBottomley@parallels.com>
Subject: Re: [PATCH stable 3/4] block: fail SCSI passthrough ioctls on partition devices
Date: Wed, 18 Jan 2012 04:47:57 +0000
Message-ID: <1326862077.2819.210.camel@deadeye>
In-Reply-To: <4F1545A4.3000809@redhat.com>


On Tue, 2012-01-17 at 10:55 +0100, Paolo Bonzini wrote:
> On 01/17/2012 05:07 AM, Ben Hutchings wrote:
> > Signed-off-by: Linus Torvalds<torvalds@linux-foundation.org>
> > [bwh: Backport to 2.6.32 - ENOIOCTLCMD does not get converted to
> >   ENOTTY, so we must return ENOTTY directly]
> > Signed-off-by: Ben Hutchings<ben@decadent.org.uk>
> 
> Have you tested 32-on-64?  I already did this change in the version for 
> 3.2 stable, but sd_compat_ioctl has to keep ENOIOCTLCMD:

Not specifically...

> > [ Cherry picked from 3ed4e7ba4be8c72051d87dcb2dec279d97a18d41
> >
> >   Changes with respect to 3.3: return -ENOTTY from scsi_verify_blk_ioctl
> >   and -ENOIOCTLCMD from sd_compat_ioctl. ]

But in 2.6.32, compat_sys_ioctl will end up returning EINVAL rather than
ENOTTY for an unhandled ioctl number.  Also, since we're denying ioctls
for security reasons rather than because we don't know how to handle
them, I don't think there's any harm in doing this.

Ben.

-- 
Ben Hutchings
When in doubt, use brute force. - Ken Thompson


Thread overview: 21+ messages
2012-01-12 15:01 [PATCH v2 0/3] possible privilege escalation via SG_IO ioctl (CVE-2011-4127) Paolo Bonzini
2012-01-12 15:01 ` [PATCH v2 1/3] block: add and use scsi_blk_cmd_ioctl Paolo Bonzini
2012-01-12 15:01 ` [PATCH v2 2/3] block: fail SCSI passthrough ioctls on partition devices Paolo Bonzini
2012-01-14 23:43   ` Linus Torvalds
2012-01-16  8:51     ` Paolo Bonzini
2012-01-17  3:58       ` Ben Hutchings
2012-01-17  4:06         ` [PATCH stable 1/4] kernel.h: add printk_ratelimited and pr_<level>_rl Ben Hutchings
2012-01-17  4:06         ` [PATCH stable 2/4] block: add and use scsi_blk_cmd_ioctl Ben Hutchings
2012-01-17  4:07         ` [PATCH stable 3/4] block: fail SCSI passthrough ioctls on partition devices Ben Hutchings
2012-01-17  9:55           ` Paolo Bonzini
2012-01-18  4:47             ` Ben Hutchings [this message]
2012-01-18  9:00               ` Paolo Bonzini
2012-01-18 16:04                 ` Ben Hutchings
2012-01-24 12:56                   ` Paolo Bonzini
2012-01-26  0:19                     ` Greg KH
2012-01-26 18:28                       ` Greg KH
2012-01-17  4:07         ` [PATCH stable 4/4] dm: do not forward ioctls from logical volumes to the underlying device Ben Hutchings
2012-01-17 20:03     ` [PATCH v2 2/3] block: fail SCSI passthrough ioctls on partition devices Greg KH
2012-01-12 15:01 ` [PATCH v2 3/3] dm: do not forward ioctls from logical volumes to the underlying device Paolo Bonzini
2012-01-16  1:04 ` [PATCH v2 0/3] possible privilege escalation via SG_IO ioctl (CVE-2011-4127) Douglas Gilbert
2012-01-16  8:54   ` Paolo Bonzini
