| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 29 Feb 2012 09:13:08 +0100 From: Paolo Bonzini <pbonzini@...hat.com> To: Linus Torvalds <torvalds@...ux-foundation.org> CC: linux-kernel@...r.kernel.org, Jens Axboe <axboe@...nel.dk>, stable@...r.kernel.org, Alan Cox <alan@...rguk.ukuu.org.uk> Subject: Re: [PATCH v2] block: avoid false positive warnings on ioctl to partition Il 29/02/2012 01:14, Linus Torvalds ha scritto: > So I'm still not convinced this is safe, and feel a bit worried about > us possibly silently missing some things. That > > default: > return -ENOIOCTLCMD; > > is what worries me. > > Blocking the ones we *know* about and understand I'm perfectly fine > with. And the SG_IO case looks fine. It's the possibly unknown users > that still worry me. I understand. We do have a good grasp of what's happening. We did get reports for SG_IO, for false positives that would have returned -ENOTTY, and for ioctls that need to be passed. We couldn't expect anything better than this, I think. I checked in the source and all scsi_host-specific ioctls need filtering. Of course we might be missing something really obscure which is rarely used in the wild. But being 100% sure that nothing breaks is impossible, unfortunately, so does it make sense to aim at 100%? And it should be extremely easy to bisect failures. Even with all the differences, it reminds me of the recent change to poll. Paolo -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists