Re: [PATCH 1/5] compat_ioctl call seems to miss a security hook

[Chris Wright]

* Michael S. Tsirkin (mst@xxxxxxxxxxxxxx) wrote:
> Quoting r. Chris Wright (chrisw@xxxxxxxx) "Re: [PATCH 1/5] compat_ioctl call seems to miss a security hook":
> > * Michael S. Tsirkin (mst@xxxxxxxxxxxxxx) wrote:
> > > I'm all for it, but the way the patch below works, we could end up
> > > calling ->ioctl or ->unlocked_ioctl from the compat 
> > > syscall, and we dont want that.
> > 
> > Hmm, I didn't actually change how those are called.  So if it's an issue,
> > then I don't think this patch introduces it.
> 
> Sorry, you are right, we go to do_ioctl only if there are no
> callbacks.

I suppose there is one case (not introduced by the patch).  Not sure if
it's even a problem though:

t->cmd matches, yet NULL t->handler.  This will fall-thru to
the do_ioctl: case.  I assume NULL handler is for case where no
conversion is needed, so it's not a problem?  At least some callers of
register_ioctl32_conversion() pass NULL handler.

thanks,
-chris
-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/