lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4FA13DDF.9010006@redhat.com>
Date:	Wed, 02 May 2012 15:59:59 +0200
From:	Paolo Bonzini <pbonzini@...hat.com>
To:	Jan Kara <jack@...e.cz>
CC:	Jens Axboe <axboe@...nel.dk>, LKML <linux-kernel@...r.kernel.org>,
	James Bottomley <JBottomley@...allels.com>,
	linux-scsi@...r.kernel.org
Subject: Re: [PATCH] scsi: Silence unnecessary warnings about ioctl to partition

Il 02/05/2012 15:51, Jan Kara ha scritto:
>> > NACK.  I would bet that all the warnings you've seen are for ioctl that
>> > would have failed anyway with ENOTTY.
>   Actually, you would loose the bet ;)

Doh. :)

> The customer was complaining about
> warning about SG_IO ioctl. Apparently some Veritas filesystem thread generates
> a *lot* of these (I don't know if they happen to do all the filesystem IO
> with SG_IO and I'm not sure I want to know ;).

Can you at least ask the customer for help finding which command was
sent?  And perhaps have them try a kernel that blocks SG_IO to see what
breaks if anything?

> Also I tend to side with Alan that I don't quite see
> the point in trying to restrict CAP_SYS_RAWIO threads and thus breaking the
> compatibility

For example, we have a customer that wants this:

* a VM should be able to send vendor-specific commands to a disk via
SG_IO (vendor-specific commands require CAP_SYS_RAWIO).

* they want to assign logical volumes or partitions to the same VM
without letting it read or write outside the logical volume or partition.

Of course a better solution for this would be customizable filters for
SG_IO commands, where a privileged application would open the block
device with CAP_SYS_RAWIO, set the filter and hand the file descriptor
to QEMU.  Or alternatively some extension of the device cgroup.  But
either solution would require a large amount of work.

Paolo

> (if ioctls would be restricted for partitions from the
> beginning, then sure it seems like a cleaner choice). But I don't feel that
> strongly about it.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ