[RFC 0/2] Split out firmware upgrade from CAP_SYS_ADMIN
Mario Limonciello
mario.limonciello at dell.com
Thu Feb 18 12:09:45 EST 2021
Currently NVME (and probably other drivers) require CAP_SYS_ADMIN to
send all commands to the device. This means that software running
in userspace needs the stronger CAP_SYS_ADMIN permission when realistically
a more limited subset of functionality is actually needed.
To allow software that performs firmware upgrades to run without CAP_SYS_ADMIN,
create a new capability CAP_FIRMWARE_UPGRADE that software can run with.
For the RFC, only include NVME. Other drivers can be added if suggested.
Mario Limonciello (2):
capability: Introduce CAP_FIRMWARE_UPGRADE
nvme: Use CAP_FIRMWARE_UPGRADE to check user commands
drivers/nvme/host/core.c | 28 ++++++++++++++++++++++++----
include/linux/capability.h | 5 +++++
include/uapi/linux/capability.h | 7 ++++++-
security/selinux/include/classmap.h | 4 ++--
4 files changed, 37 insertions(+), 7 deletions(-)
--
2.25.1
More information about the Linux-nvme
mailing list