diff options
| author | Ilya Dryomov <idryomov@gmail.com> | 2017-10-18 08:38:38 -0400 |
|---|---|---|
| committer | Jens Axboe <axboe@kernel.dk> | 2017-10-25 14:25:00 -0400 |
| commit | bb749b31c25e9b11f8f974baac8d507298ffbb70 (patch) | |
| tree | 7ac80dc67d5ea61bc42896d5aea13a193ba28f14 /block/ioctl.c | |
| parent | 351499a172c0c5fc52d65ee2c62b344f369ea02a (diff) | |
block: move CAP_SYS_ADMIN check in blkdev_roset()
Check for CAP_SYS_ADMIN before calling into the driver, similar to
blkdev_flushbuf(). This is safer and can spare a check in the driver.
(Currently BLKROSET is overridden by md and rbd, rbd is missing the
check. md has the check, but it covers a lot more than BLKROSET.)
Acked-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Diffstat (limited to 'block/ioctl.c')
| -rw-r--r-- | block/ioctl.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/block/ioctl.c b/block/ioctl.c index c0fc32bd8ed1..1668506d8ed8 100644 --- a/block/ioctl.c +++ b/block/ioctl.c | |||
| @@ -443,11 +443,12 @@ static int blkdev_roset(struct block_device *bdev, fmode_t mode, | |||
| 443 | { | 443 | { |
| 444 | int ret, n; | 444 | int ret, n; |
| 445 | 445 | ||
| 446 | if (!capable(CAP_SYS_ADMIN)) | ||
| 447 | return -EACCES; | ||
| 448 | |||
| 446 | ret = __blkdev_driver_ioctl(bdev, mode, cmd, arg); | 449 | ret = __blkdev_driver_ioctl(bdev, mode, cmd, arg); |
| 447 | if (!is_unrecognized_ioctl(ret)) | 450 | if (!is_unrecognized_ioctl(ret)) |
| 448 | return ret; | 451 | return ret; |
| 449 | if (!capable(CAP_SYS_ADMIN)) | ||
| 450 | return -EACCES; | ||
| 451 | if (get_user(n, (int __user *)arg)) | 452 | if (get_user(n, (int __user *)arg)) |
| 452 | return -EFAULT; | 453 | return -EFAULT; |
| 453 | set_device_ro(bdev, n); | 454 | set_device_ro(bdev, n); |