Re: [PATCH 4.19 14/48] mtd: properly check all write ioctls for permissions
From: Pavel Machek
Date: Mon Aug 10 2020 - 12:38:56 EST
Hi!
> From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
>
> commit f7e6b19bc76471ba03725fe58e0c218a3d6266c3 upstream.
>
> When doing a "write" ioctl call, properly check that we have permissions
> to do so before copying anything from userspace or anything else so we
> can "fail fast". This includes also covering the MEMWRITE ioctl which
> previously missed checking for this.
> + /* "safe" commands */
> + case MEMGETREGIONCOUNT:
I wonder if MEMSETBADBLOCK, MEMLOCK/MEMUNLOCK, BLKPG, OTPLOCK and
MTDFILEMODE should be in the list of "safe" commands? Sounds like they
can do at least as much damage as average MEMWRITE...
Best regards,
Pavel
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Attachment:
signature.asc
Description: Digital signature