lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1457333940-13076-1-git-send-email-shawn.lin@rock-chips.com>
Date:	Mon,  7 Mar 2016 14:59:00 +0800
From:	Shawn Lin <shawn.lin@...k-chips.com>
To:	Ulf Hansson <ulf.hansson@...aro.org>
Cc:	Seshagiri Holi <sholi@...dia.com>,
	Jon Hunter <jonathanh@...dia.com>, linux-mmc@...r.kernel.org,
	linux-kernel@...r.kernel.org, Shawn Lin <shawn.lin@...k-chips.com>,
	stable@...r.kernel.org
Subject: [RESENT PATCH] mmc: block: fix ABI regression of mmc_blk_ioctl

We should return -EINVAL if cmd is not MMC_IOC_CMD or MMC_IOC_MULTI_CMD,
otherwise blkdev_roset will return -EPERM.

Android-adb calls make_block_device_writable with ioctl(BLKROSET), which
will return error, make remount failed:
remount of /system failed;
couldn't make block device writable: Operation not permitted

openat(AT_FDCWD, "/dev/block/platform/ff420000.dwmmc/by-name/system", O_RDONLY) = 3
ioctl(3, BLKROSET, 0)  = -1 EPERM (Operation not permitted)

Fixes: a5f5774c55a2 ("mmc: block: Add new ioctl to send multi commands")
Cc: stable@...r.kernel.org
Signed-off-by: Shawn Lin <shawn.lin@...k-chips.com>
---

 drivers/mmc/card/block.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/mmc/card/block.c b/drivers/mmc/card/block.c
index 47bc87d..170f099 100644
--- a/drivers/mmc/card/block.c
+++ b/drivers/mmc/card/block.c
@@ -688,6 +688,9 @@ cmd_err:
 static int mmc_blk_ioctl(struct block_device *bdev, fmode_t mode,
 	unsigned int cmd, unsigned long arg)
 {
+	if (cmd != MMC_IOC_CMD && cmd != MMC_IOC_MULTI_CMD)
+		return -EINVAL;
+
 	/*
 	 * The caller must have CAP_SYS_RAWIO, and must be calling this on the
 	 * whole block device, not on a partition.  This prevents overspray
-- 
2.3.7

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ