Message-ID: <20201016062027.GB569795@kroah.com>
Date:   Fri, 16 Oct 2020 08:20:27 +0200
From:   Greg KH <gregkh@...uxfoundation.org>
To:     Allen Pais <allen.lkml@...il.com>
Cc:     linux-pci@...r.kernel.org, bhelgaas@...gle.com, ast@...nel.org,
        linux-kernel@...r.kernel.org,
        Allen Pais <apais@...ux.microsoft.com>,
        Allen Pais <allen.pais@...l.com>
Subject: Re: [RFC] PCI: allow sysfs file owner to read the config space with
 CAP_SYS_RAWIO

On Fri, Oct 16, 2020 at 11:22:35AM +0530, Allen Pais wrote:
> From: Allen Pais <apais@...ux.microsoft.com>
> 
>  Access to pci config space is explicitly checked with CAP_SYS_ADMIN
> in order to read configuration space past the first 64B.
> 
>  Since the path is only for reading, could we use CAP_SYS_RAWIO?

Why?  What needs this reduced capability?

> This patch contains a simpler fix, I would love to hear from the
> Maintainers on the approach.
> 
>  The other approach that I considered was to introduce an API
> which would check for multiple capabilities, something similar to
> perfmon_capable()/bpf_capable(). But I could not find more users
> for the API and hence dropped it.
> 
>  The problem I am trying to solve is to avoid handing out
> CAP_SYS_ADMIN for extended reads of the PCI config space.

Who is reading this config space that doesn't have admin rights?  And
what are they doing with it?

One big problem is that some devices will crash if you do this wrong,
which is why we restricted it to root.  Hopefully all of those devices
are now gone, but I don't think you can count on it.

The "guaranteed safe" fields in the config space are already exported by
sysfs for all users to read, are they not sufficient?

thanks,

greg k-h
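
An added example, not part of this thread or of the kernel source: the capability pointer sits inside the first 64 bytes, but the capability entries it points to start at offset 0x40, so a reader limited to the first 64B cannot walk the list. The function names and the sample config space are constructed for illustration, and a type 0/1 header layout is assumed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STD_HEADER_LEN 64    /* bytes readable without CAP_SYS_ADMIN */
#define OFF_STATUS     0x06  /* Status register, bit 4 = capability list */
#define OFF_CAP_PTR    0x34  /* first capability (type 0/1 headers) */

/* Walk the capability list inside buf[0..len). Returns the number of
 * capabilities found, or -1 when the list leaves the readable bytes. */
int walk_caps(const uint8_t *buf, size_t len, uint8_t *ids, int max)
{
    if (len < STD_HEADER_LEN)
        return -1;
    if (!(buf[OFF_STATUS] & 0x10))
        return 0;                       /* device has no capability list */
    int n = 0, guard = 48;              /* guard stops looping lists */
    uint8_t pos = buf[OFF_CAP_PTR] & 0xfc;
    while (pos >= 0x40 && guard--) {
        if ((size_t)pos + 2 > len)
            return -1;                  /* entry lies past what we could read */
        if (buf[pos] == 0xff)
            break;
        if (ids && n < max)
            ids[n] = buf[pos];          /* capability ID */
        n++;
        pos = buf[pos + 1] & 0xfc;      /* next pointer */
    }
    return n;
}

/* Constructed 256-byte config space: PM (0x01) at 0x40, MSI (0x05) at 0x50. */
void make_sample(uint8_t cfg[256])
{
    memset(cfg, 0, 256);
    cfg[0] = 0x34; cfg[1] = 0x12;       /* constructed vendor ID 0x1234 */
    cfg[OFF_STATUS] = 0x10;
    cfg[OFF_CAP_PTR] = 0x40;
    cfg[0x40] = 0x01; cfg[0x41] = 0x50;
    cfg[0x50] = 0x05; cfg[0x51] = 0x00;
}

int main(void)
{
    uint8_t cfg[256];
    make_sample(cfg);
    printf("256-byte read: %d capabilities\n", walk_caps(cfg, 256, NULL, 0));
    printf(" 64-byte read: %d (list not reachable)\n", walk_caps(cfg, 64, NULL, 0));
    return 0;
}
```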
