Re: [PATCH 2/3] block: fail SCSI passthrough ioctls on partition devices

From: Paolo Bonzini
Date: Thu Jan 05 2012 - 11:41:41 EST


On 01/05/2012 05:16 PM, Linus Torvalds wrote:
> On Thu, Jan 5, 2012 at 5:18 AM, Paolo Bonzini <pbonzini@xxxxxxxxxx> wrote:
>>
>> Hence, changing scsi_verify_blk_ioctl to return ENOIOCTLCMD is not
>> really possible.
>
> What?
>
> "We have a bug in the block IO layer, so we cannot possibly fix
> another problem?"
>
> What the f*ck is the logic there?
>
> Just fix the *obvious* breakage in BLKROSET. It's clearly what the
> code *intends* to do, it just didn't check for ENOIOCTLCMD.

Aha, so this is clear and obvious. And who knows that something else won't break? Such as the 32-on-64 logic that already uses ENOIOCTLCMD for something else?

If the block maintainers want to fix that, fine. "git blame block/ioctl.c" shows that it's been like this for 6 years and in general the file has hardly seen changes. That's enough to make me steer away from that code.

Foolish me who found a bug, and an exploitable one for that matter, and even tried to fix it. Looks like security by obscurity would have served users better.

Paolo