[PATCH] CVE fix for xen-blkback allowing DISCARD operations on read-only disks.

From: Konrad Rzeszutek Wilk
Date: Wed Jun 05 2013 - 15:55:38 EST

Please put the following patch:
[PATCH] xen/blkback: Check device permissions before allowing

in your tree for Linus. It fixes CVE-2013-2140.

The bug is that if a system admin provides a disk (which supports
the discard aka TRIM or SCSI UNMAP) to a guest as read-only - there
are no checks done. Which means that the OS can destroy the data.

The likehood of somebody using 'ro' disks I think is small - but
there is probably one person who does it and would be unhappy that
a guest OS can destroy the underlaying data.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/