Message-ID: <5047B38D.9000607@gmail.com>
Date:	Wed, 05 Sep 2012 16:18:21 -0400
From:	Ric Wheeler <ricwheeler@...il.com>
To:	Paolo Bonzini <pbonzini@...hat.com>
CC:	axboe@...nel.dk, Mike Snitzer <snitzer@...hat.com>,
	Alan Cox <alan@...rguk.ukuu.org.uk>,
	"Martin K. Petersen" <martin.petersen@...cle.com>,
	linux-kernel@...r.kernel.org, linux-scsi@...r.kernel.org
Subject: Re: [Ping^3] Re: [PATCH] sg_io: allow UNMAP and WRITE SAME without
 CAP_SYS_RAWIO

On 09/05/2012 10:41 AM, Paolo Bonzini wrote:
> On 28/08/2012 13:04, Paolo Bonzini wrote:
>> On 01/08/2012 17:53, Paolo Bonzini wrote:
>>> On 20/07/2012 18:30, Paolo Bonzini wrote:
>>>> These commands cannot be issued right now without giving CAP_SYS_RAWIO to
>>>> the process that wishes to send them.  These commands can be useful also to
>>>> non-privileged programs that have access to the block devices.  For example
>>>> a virtual machine monitor needs them to forward trim/discard to host disks.
>>>>
>>>> Signed-off-by: Paolo Bonzini <pbonzini@...hat.com>
>>>> ---
>>>>   block/scsi_ioctl.c |    3 ++
>>>>   1 files changed, 3 insertions(+), 0 deletions(-)
>>>>
>>>> diff --git a/block/scsi_ioctl.c b/block/scsi_ioctl.c
>>>> index 260fa80..dd71f18 100644
>>>> --- a/block/scsi_ioctl.c
>>>> +++ b/block/scsi_ioctl.c
>>>> @@ -168,13 +168,16 @@ static void blk_set_cmd_filter_defaults(struct blk_cmd_filter *filter)
>>>>   	/* Basic writing commands */
>>>>   	__set_bit(WRITE_6, filter->write_ok);
>>>>   	__set_bit(WRITE_10, filter->write_ok);
>>>> +	__set_bit(WRITE_SAME, filter->write_ok);
>>>>   	__set_bit(WRITE_VERIFY, filter->write_ok);
>>>>   	__set_bit(WRITE_12, filter->write_ok);
>>>>   	__set_bit(WRITE_VERIFY_12, filter->write_ok);
>>>>   	__set_bit(WRITE_16, filter->write_ok);
>>>> +	__set_bit(WRITE_SAME_16, filter->write_ok);
>>>>   	__set_bit(WRITE_LONG, filter->write_ok);
>>>>   	__set_bit(WRITE_LONG_2, filter->write_ok);
>>>>   	__set_bit(ERASE, filter->write_ok);
>>>> +	__set_bit(UNMAP, filter->write_ok);
>>>>   	__set_bit(GPCMD_MODE_SELECT_10, filter->write_ok);
>>>>   	__set_bit(MODE_SELECT, filter->write_ok);
>>>>   	__set_bit(LOG_SELECT, filter->write_ok);
>>>>
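Review bot: the three additions to filter->write_ok (WRITE_SAME, WRITE_SAME_16, UNMAP) in blk_set_cmd_filter_defaults() carry no justification, in the code or in the commit message, for why having the device open for writing is sufficient authorization once CAP_SYS_RAWIO is no longer required. The commit message gives a use case (a virtual machine monitor forwarding trim/discard) but does not say what limits the extent or duration of a single command for an unprivileged writer, or how these differ in impact from the WRITE_* opcodes already listed. The new lines also sit under the existing "Basic writing commands" comment, and UNMAP is placed between ERASE and GPCMD_MODE_SELECT_10 with no comment of its own. Suggest grouping the three under a separate comment that names them as discard/zeroing commands, and stating in the commit message why write permission on the block device is considered enough.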
>>> Jens,
>>>
>>> can this go in 3.6 as well?
>> Another ping...
> Ping & adding some more folks hoping to get a Reviewed-by or to be
> screamed at.
>
> Paolo

Hi Paolo,

Both of these commands are destructive. WRITE_SAME (if done without the discard 
bits set) can also take a very long time to be destructive and tie up the storage.

I think that restricting them to CAP_SYS_RAWIO seems reasonable - better to vet 
and give the appropriate apps the needed capability than to widely open up the 
safety check?

thanks!

Ric

