commit 0bfc96cb77224736dfa35c3c555d37b3646ef35e upstream.
+[ Changes with respect to 3.3: return -ENOTTY from scsi_verify_blk_ioctl
+ and -ENOIOCTLCMD from sd_compat_ioctl. ]
+
Linux allows executing the SG_IO ioctl on a partition or LVM volume, and
will pass the command to the underlying block device. This is
well-known, but it is also a large security problem when (via Unix
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
---
block/scsi_ioctl.c | 45 +++++++++++++++++++++++++++++++++++++++++++++
drivers/scsi/sd.c | 11 +++++++++--
+ * and we do not want to spam dmesg about it. CD-ROMs do
+ * not have partitions, so we get here only for disks.
+ */
-+ return -ENOIOCTLCMD;
++ return -ENOTTY;
+ default:
+ break;
+ }
+ printk_ratelimited(KERN_WARNING
+ "%s: sending ioctl %x to a partition!\n", current->comm, cmd);
+
-+ return capable(CAP_SYS_RAWIO) ? 0 : -ENOIOCTLCMD;
++ return capable(CAP_SYS_RAWIO) ? 0 : -ENOTTY;
+}
+EXPORT_SYMBOL(scsi_verify_blk_ioctl);
+
+
+ ret = scsi_verify_blk_ioctl(bdev, cmd);
+ if (ret < 0)
-+ return ret;
++ return -ENOIOCTLCMD;
/*
* If we are in the middle of error recovery, don't let anyone
projects / thirdparty / kernel / stable-queue.git / commitdiff
