Re: [PATCH] fs: Drop CAP_SYS_RAWIO requirement for FIBMAP

From: Serge E. Hallyn
Date: Wed Dec 09 2015 - 17:52:28 EST

Next message: Kees Cook: "Re: [PATCH v2] clear file privilege bits when mmap writing"
Previous message: Prakash, Prashanth: "Re: [PATCH v3 0/5] ACPI / processor_idle: Add ACPI v6.0 LPI support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Dec 05, 2015 at 12:15:16AM -0600, Seth Forshee wrote:
> The information exposed by FIBMAP is not privileged and is
> similar to the information provided by FIEMAP, which does not
> require privileges. According to [1] the reason the capability
> check was originally added was to prevent crashing the kernel
> by passing invalid arguments, but this should no longer be a
> problem, so this requirement can be removed.
>
> [1] http://www.gossamer-threads.com/lists/linux/kernel/103611
>
> Cc: "Serge E. Hallyn" <serge@xxxxxxxxxx>
> Cc: Theodore Ts'o <tytso@xxxxxxx>
> Signed-off-by: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>

Acked-by: Serge Hallyn <serge.hallyn@xxxxxxxxxxxxx>

> ---
> fs/ioctl.c | 2 --
> 1 file changed, 2 deletions(-)
>
> diff --git a/fs/ioctl.c b/fs/ioctl.c
> index 5d01d2638ca5..c963d82b0de8 100644
> --- a/fs/ioctl.c
> +++ b/fs/ioctl.c
> @@ -55,8 +55,6 @@ static int ioctl_fibmap(struct file *filp, int __user *p)
> /* do we support this mess? */
> if (!mapping->a_ops->bmap)
> return -EINVAL;
> - if (!capable(CAP_SYS_RAWIO))
> - return -EPERM;
> res = get_user(block, p);
> if (res)
> return res;
> --
> 1.9.1
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Kees Cook: "Re: [PATCH v2] clear file privilege bits when mmap writing"
Previous message: Prakash, Prashanth: "Re: [PATCH v3 0/5] ACPI / processor_idle: Add ACPI v6.0 LPI support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]