[PATCH v2] nvme: remove unprivileged passthrough support
Keith Busch
kbusch at kernel.org
Mon Oct 16 11:41:37 PDT 2023
On Mon, Oct 16, 2023 at 11:35:19AM +0530, Kanchan Joshi wrote:
> Passthrough has got a hole that can be exploited to cause kernel memory
> corruption. This is about making the device do larger DMA into
> short meta/data buffer owned by kernel [1].
>
> As a stopgap measure, disable the support of unprivileged passthrough.
>
> This patch brings back coarse-granular CAP_SYS_ADMIN checks by reverting
> following patches:
>
> - 7d9d7d59d44 ("nvme: replace the fmode_t argument to the nvme ioctl handlers with a simple bool")
> - 313c08c72ee ("nvme: don't allow unprivileged passthrough on partitions")
> - 6f99ac04c46 ("nvme: consult the CSE log page for unprivileged passthrough")
> - ea43fceea41 ("nvme: allow unprivileged passthrough of Identify Controller")
> - e4fbcf32c86 ("nvme: identify-namespace without CAP_SYS_ADMIN")
> - 855b7717f44 ("nvme: fine-granular CAP_SYS_ADMIN for nvme io commands")
>
> [1] https://lore.kernel.org/linux-nvme/20231013051458.39987-1-joshi.k@samsung.com/
>
> CC: stable at vger.kernel.org # 6.2
> Fixes: 855b7717f44b1 ("nvme: fine-granular CAP_SYS_ADMIN for nvme io commands")
>
> Suggested-by: Christoph Hellwig <hch at lst.de>
> Signed-off-by: Kanchan Joshi <joshi.k at samsung.com>
> Reviewed-by: Christoph Hellwig <hch at lst.de>
Applied for nvme-6.6.
More information about the Linux-nvme
mailing list