lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 24 May 2013 12:03:33 +0400 From: James Bottomley <James.Bottomley@...senPartnership.com> To: Paolo Bonzini <pbonzini@...hat.com> Cc: linux-kernel@...r.kernel.org, tj@...nel.org, FUJITA Tomonori <fujita.tomonori@....ntt.co.jp>, Doug Gilbert <dgilbert@...erlog.com>, linux-scsi@...r.kernel.org, Jens Axboe <axboe@...nel.dk> Subject: Re: [PATCH v3 part1 1/4] sg_io: pass request_queue to blk_verify_command On Fri, 2013-05-24 at 09:53 +0200, Paolo Bonzini wrote: > Il 24/05/2013 09:50, James Bottomley ha scritto: > > On Fri, 2013-05-24 at 09:43 +0200, Paolo Bonzini wrote: > >> Il 24/05/2013 09:36, James Bottomley ha scritto: > >>> On Thu, 2013-05-23 at 15:58 +0200, Paolo Bonzini wrote: > >>>> Adjust the blk_verify_command function to let it look at per-queue > >>>> data. This will be done in the next patch. > >>> > >>> This is not a bug fix. This is an enabler for your complex and to my > >>> mind dubious rework of the SG_IO command filter. I'm running out of > >>> ways to say please don't mix bug fixes with features, because this > >>> redesignating of the original patch set as part 1 and parts 2,3 doesn't > >>> satisfy the requirement. > >> > >> I made it part 1/2/3 because parts 2/3 depend on part 1. It makes > >> dependency tracking easier, at least in my mind. > >> > >> If you have another solution that does not require passing request_queue > >> to blk_verify_command, I'm all ears. > > > > That's a circular response that doesn't answer the question. The actual > > question is: what is simple fix for the bug that isn't entangled with > > enabling the SG_IO per device type whitelist feature. > > > >>> Does anyone in the real world actually care about this bug? > >> > >> Yes, or I would move on and not waste so much time on this. > > > > Fine, so produce a simple fix for this bug which we can discuss that's > > not tied to this feature. > > Honestly, I have no idea how this is even possible. Really? It looks to me like a simple block on the commands for disk devices in the opcode switch would do it (with a corresponding change to sg.c:sg_allow_access). James -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists