Re: [PATCH 4.19 14/48] mtd: properly check all write ioctls for permissions

From: Pavel Machek
Date: Mon Aug 10 2020 - 12:38:56 EST

Next message: Christoph Hellwig: "Re: [GIT PULL] fscache rewrite -- please drop for now"
Previous message: Pavel Machek: "Re: [PATCH 4.19 06/48] ALSA: seq: oss: Serialize ioctls"
In reply to: Greg Kroah-Hartman: "[PATCH 4.19 14/48] mtd: properly check all write ioctls for permissions"
Next in thread: Richard Weinberger: "Re: [PATCH 4.19 14/48] mtd: properly check all write ioctls for permissions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

> From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
>
> commit f7e6b19bc76471ba03725fe58e0c218a3d6266c3 upstream.
>
> When doing a "write" ioctl call, properly check that we have permissions
> to do so before copying anything from userspace or anything else so we
> can "fail fast". This includes also covering the MEMWRITE ioctl which
> previously missed checking for this.

> + /* "safe" commands */
> + case MEMGETREGIONCOUNT:

I wonder if MEMSETBADBLOCK, MEMLOCK/MEMUNLOCK, BLKPG, OTPLOCK and
MTDFILEMODE should be in the list of "safe" commands? Sounds like they
can do at least as much damage as average MEMWRITE...

Best regards,
Pavel
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany

Attachment: signature.asc
Description: Digital signature

Next message: Christoph Hellwig: "Re: [GIT PULL] fscache rewrite -- please drop for now"
Previous message: Pavel Machek: "Re: [PATCH 4.19 06/48] ALSA: seq: oss: Serialize ioctls"
In reply to: Greg Kroah-Hartman: "[PATCH 4.19 14/48] mtd: properly check all write ioctls for permissions"
Next in thread: Richard Weinberger: "Re: [PATCH 4.19 14/48] mtd: properly check all write ioctls for permissions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]