lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20230610060626.GA1595@lst.de>
Date:   Sat, 10 Jun 2023 08:06:26 +0200
From:   Christoph Hellwig <hch@....de>
To:     Jingbo Xu <jefflexu@...ux.alibaba.com>
Cc:     axboe@...nel.dk, hch@....de, linux-block@...r.kernel.org,
        linux-kernel@...r.kernel.org, tianjia.zhang@...ux.alibaba.com,
        xiang@...nel.org, casey@...aufler-ca.com
Subject: Re: [RFC] block: relax permission for Persistent Reservations ioctl

On Fri, Jun 09, 2023 at 06:21:22PM +0800, Jingbo Xu wrote:
> When the shared storage is accessed from containers [1], it's not
> recommended to grant CAP_SYS_ADMIN to containers for access to
> Persistent Reservations in risk of container escape.
> 
> Remove the extra CAP_SYS_ADMIN permission constraint for Persistent
> Reservations ioctl which shall do no harm [2].

I think we still to check that if CAP_SYS_ADMIN is not present,
the file descriptors needs to be open for write, and we're not called
on a partition (the latter should probbaly be always checked,
as a reservation for a partitions doesn't make sense).

But in general I think relaxing this is a good idea, we just need to
be very careful.  Looking at the discussion of unprivileged nvme
command passthrough might be a good start.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ