Re: [PATCH v2 00/14] Corrections and customization of the SG_IO command whitelist (CVE-2012-4542)

From: Paolo Bonzini
Date: Wed Feb 13 2013 - 10:49:22 EST

On 13/02/2013 16:35, Douglas Gilbert wrote:
>> Ping? I'm not even sure what tree this should host these patches...
> You are whitelisting SCSI commands so obviously the SCSI tree
> and the patch spills over into the block tree.

Yeah, an Acked-by is in order but it's not clear from whom and for whom.

> Can't see much point in ack-ing the sg changes since most
> of the action is at higher levels.
> The question I have is what existing code will this change
> break (and will I be getting emails from peeved
> developers)?

An unlikely situation is that a vendor-specific command in the "low"
range (i.e. not 0xc0..0xff) conflicted with an MMC command, so it
happened to be enabled. That will now break, but only if executed
without CAP_SYS_RAWIO.

Nothing will change for programs executed with CAP_SYS_RAWIO.

I have not disabled any standards-defined command that used to be
enabled, and on the contrary I enabled a few of them, so this could
potentially lead to fewer emails from peeved developers, too.

> Is 8 lines of documentation changes enough? My guess is
> that SG_IO ioctl pass-through users will be tripped up
> and it won't be obvious to them to look at
> Documentation/block/queue-sysfs.txt
> for enlightenment; especially if they are using a char
> device node from the bsg, sg or st drivers to issue SG_IO.

The command whitelist was not documented before. It's quite likely that
any documentation except the code itself would not be updated the next
time the whitelist is touched.
