Re: [PATCH 1/5] compat_ioctl call seems to miss a security hook

[Michael S. Tsirkin]

Quoting r. Chris Wright (chrisw@xxxxxxxx)
> > > > I'm all for it, but the way the patch below works, we could end up
> > > > calling ->ioctl or ->unlocked_ioctl from the compat 
> > > > syscall, and we dont want that.
> > > 
> > > Hmm, I didn't actually change how those are called.  So if it's an issue,
> > > then I don't think this patch introduces it.
> > 
> > Sorry, you are right, we go to do_ioctl only if there are no
> > callbacks.
> 
> I suppose there is one case (not introduced by the patch).  Not sure if
> it's even a problem though:
> 
> t->cmd matches, yet NULL t->handler.  This will fall-thru to
> the do_ioctl: case.  I assume NULL handler is for case where no
> conversion is needed, so it's not a problem?  At least some callers of
> register_ioctl32_conversion() pass NULL handler.

Yes, this is an by design, you put in a NULL handler to say: I dont need
conversions, call my regular handlers. Some in-tree drivers do this.

MST
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/