| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <319aa379-2694-5bb7-b79e-5401e894f390@linux.alibaba.com>
Date: Sat, 10 Jun 2023 16:12:00 +0800
From: Jingbo Xu <jefflexu@...ux.alibaba.com>
To: Christoph Hellwig <hch@....de>
Cc: axboe@...nel.dk, linux-block@...r.kernel.org,
linux-kernel@...r.kernel.org, tianjia.zhang@...ux.alibaba.com,
xiang@...nel.org, casey@...aufler-ca.com
Subject: Re: [RFC] block: relax permission for Persistent Reservations ioctl
On 6/10/23 2:06 PM, Christoph Hellwig wrote:
> On Fri, Jun 09, 2023 at 06:21:22PM +0800, Jingbo Xu wrote:
>> When the shared storage is accessed from containers [1], it's not
>> recommended to grant CAP_SYS_ADMIN to containers for access to
>> Persistent Reservations in risk of container escape.
>>
>> Remove the extra CAP_SYS_ADMIN permission constraint for Persistent
>> Reservations ioctl which shall do no harm [2].
>
> I think we still to check that if CAP_SYS_ADMIN is not present,
> the file descriptors needs to be open for write, and we're not called
> on a partition (the latter should probbaly be always checked,
> as a reservation for a partitions doesn't make sense).
>
> But in general I think relaxing this is a good idea, we just need to
> be very careful. Looking at the discussion of unprivileged nvme
> command passthrough might be a good start.
Hi,
Thanks for the reply.
It seems I need to dive deeper into details of Persistent Reservations
protocol and the permission control you mentioned in nvme command
passthrough.
Thanks for your suggestions. I will send a new version later.
--
Thanks,
Jingbo
Powered by blists - more mailing lists