| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 18 Jan 2012 04:47:57 +0000
From: Ben Hutchings <ben@...adent.org.uk>
To: Paolo Bonzini <pbonzini@...hat.com>
Cc: stable@...r.kernel.org,
Linus Torvalds <torvalds@...ux-foundation.org>,
linux-kernel@...r.kernel.org, Petr Matousek <pmatouse@...hat.com>,
linux-scsi@...r.kernel.org, Jens Axboe <axboe@...nel.dk>,
James Bottomley <JBottomley@...allels.com>
Subject: Re: [PATCH stable 3/4] block: fail SCSI passthrough ioctls on
partition devices
On Tue, 2012-01-17 at 10:55 +0100, Paolo Bonzini wrote:
> On 01/17/2012 05:07 AM, Ben Hutchings wrote:
> > Signed-off-by: Linus Torvalds<torvalds@...ux-foundation.org>
> > [bwh: Backport to 2.6.32 - ENOIOCTLCMD does not get converted to
> > ENOTTY, so we must return ENOTTY directly]
> > Signed-off-by: Ben Hutchings<ben@...adent.org.uk>
>
> Have you tested 32-on-64? I already did this change in the version for
> 3.2 stable, but sd_compat_ioctl has to keep ENOIOCTLCMD:
Not specifically...
> > [ Cherry picked from 3ed4e7ba4be8c72051d87dcb2dec279d97a18d41
> >
> > Changes with respect to 3.3: return -ENOTTY from scsi_verify_blk_ioctl
> > and -ENOIOCTLCMD from sd_compat_ioctl. ]
But in 2.6.32, compat_sys_ioctl will end up returning EINVAL rather than
ENOTTY for an unhandled ioctl number. Also, since we're denying ioctls
for security reasons rather than because we don't know how to handle
them, I don't think there's any harm in doing this.
Ben.
--
Ben Hutchings
When in doubt, use brute force. - Ken Thompson
Download attachment "signature.asc" of type "application/pgp-signature" (829 bytes)
Powered by blists - more mailing lists