Skip to content

Commit 5289802

Browse files
Nigel HislopMartin Schwidefsky
Nigel Hislop
authored and
Martin Schwidefsky
committed
[S390] dasd: security and PSF update patch for EMC CKD ioctl
Remove the PSF order/suborder check from the Symmetrix CKD dasd ioctl. In exchange restrict the ioctl to CAP_SYS_ADMIN and CAP_SYS_RAWIO. Signed-off-by: Nigel Hislop <hislop_nigel@emc.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
1 parent 91a970d commit 5289802

File tree

1 file changed

+10
-7
lines changed

1 file changed

+10
-7
lines changed

drivers/s390/block/dasd_eckd.c

Lines changed: 10 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -2839,8 +2839,13 @@ static int dasd_symm_io(struct dasd_device *device, void __user *argp)
28392839
char *psf_data, *rssd_result;
28402840
struct dasd_ccw_req *cqr;
28412841
struct ccw1 *ccw;
2842+
char psf0, psf1;
28422843
int rc;
28432844

2845+
if (!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_RAWIO))
2846+
return -EACCES;
2847+
psf0 = psf1 = 0;
2848+
28442849
/* Copy parms from caller */
28452850
rc = -EFAULT;
28462851
if (copy_from_user(&usrparm, argp, sizeof(usrparm)))
@@ -2869,12 +2874,8 @@ static int dasd_symm_io(struct dasd_device *device, void __user *argp)
28692874
(void __user *)(unsigned long) usrparm.psf_data,
28702875
usrparm.psf_data_len))
28712876
goto out_free;
2872-
2873-
/* sanity check on syscall header */
2874-
if (psf_data[0] != 0x17 && psf_data[1] != 0xce) {
2875-
rc = -EINVAL;
2876-
goto out_free;
2877-
}
2877+
psf0 = psf_data[0];
2878+
psf1 = psf_data[1];
28782879

28792880
/* setup CCWs for PSF + RSSD */
28802881
cqr = dasd_smalloc_request(DASD_ECKD_MAGIC, 2 , 0, device);
@@ -2925,7 +2926,9 @@ static int dasd_symm_io(struct dasd_device *device, void __user *argp)
29252926
kfree(rssd_result);
29262927
kfree(psf_data);
29272928
out:
2928-
DBF_DEV_EVENT(DBF_WARNING, device, "Symmetrix ioctl: rc=%d", rc);
2929+
DBF_DEV_EVENT(DBF_WARNING, device,
2930+
"Symmetrix ioctl (0x%02x 0x%02x): rc=%d",
2931+
(int) psf0, (int) psf1, rc);
29292932
return rc;
29302933
}
29312934

0 commit comments

Comments
 (0)