[PATCH v2] nvme: remove unprivileged passthrough support
Shinichiro Kawasaki
shinichiro.kawasaki at wdc.com
Fri Oct 27 00:49:12 PDT 2023
On Oct 27, 2023 / 12:45, Kanchan Joshi wrote:
> On 10/27/2023 12:36 PM, Shinichiro Kawasaki wrote:
> > On Oct 16, 2023 / 11:35, Kanchan Joshi wrote:
> >> Passthrough has got a hole that can be exploited to cause kernel memory
> >> corruption. This is about making the device do larger DMA into
> >> short meta/data buffer owned by kernel [1].
> >>
> >> As a stopgap measure, disable the support of unprivileged passthrough.
> >>
> >> This patch brings back coarse-granular CAP_SYS_ADMIN checks by reverting
> >> following patches:
> >>
> >> - 7d9d7d59d44 ("nvme: replace the fmode_t argument to the nvme ioctl handlers with a simple bool")
> >> - 313c08c72ee ("nvme: don't allow unprivileged passthrough on partitions")
> >> - 6f99ac04c46 ("nvme: consult the CSE log page for unprivileged passthrough")
> >> - ea43fceea41 ("nvme: allow unprivileged passthrough of Identify Controller")
> >> - e4fbcf32c86 ("nvme: identify-namespace without CAP_SYS_ADMIN")
> >> - 855b7717f44 ("nvme: fine-granular CAP_SYS_ADMIN for nvme io commands")
> >>
> >> [1] https://lore.kernel.org/linux-nvme/20231013051458.39987-1-joshi.k@samsung.com/
> >
> > This change looks affecting the blktests test case nvme/046. Should we adjust
> > the test case for the coarse-granular CAP_SYS_ADMIN checks?
>
> Nothing to adjust in the test, as there is no change in the kernel (at
> this point). I have made a note to revisit the test if anything changes.
Alright, thanks for the care.
More information about the Linux-nvme
mailing list