On 10/24/2017 11:30 PM, Ilya Dryomov wrote: > On Thu, Oct 19, 2017 at 2:14 AM, Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote: >> On Wed, Oct 18, 2017 at 02:38:38PM +0200, Ilya Dryomov wrote: >>> Check for CAP_SYS_ADMIN before calling into the driver, similar to >>> blkdev_flushbuf(). This is safer and can spare a check in the driver. >>> >>> (Currently BLKROSET is overridden by md and rbd, rbd is missing the >>> check. md has the check, but it covers a lot more than BLKROSET.) >>> >>> Signed-off-by: Ilya Dryomov <idryomov@xxxxxxxxx> >>> --- >>> Al, this appears to go back to your "[PATCH] block ioctl cleanup", >>> history commit c6973580141c. 2002 was a long time ago, but still ;) >>> Was there a reason you made BLKFLSBUF check for CAP_SYS_ADMIN before >>> ->ioctl() and BLKROSET after? >> >> It was a long time ago, indeed... The funny part is, at the time >> there had been no ->ioctl() instances with unusual BLKROSET handling >> left; I really don't remember what had left to the override for >> those remaining and (assuming it hadn't been a plain and simple braino) >> the reasons for leaving the check to drivers that might eventually >> want to add such overrides would be in whatever discussion that >> had lead to leaving that override... >> >> There was a *lot* of patch series (semi)manual reordering/rebasing, so >> it might have easily been braindamage on conflict resolution during >> rebase. >> >> gendisk work had been literally hundreds of patches all over the >> drivers/* over the summer and autumn of 2002; I have bits and pieces of >> email archives from back then, but quick grep doesn't catch any >> discussions along those lines and they are incomplete ;-/ >> >> Anyway, >> a) I don't see any reason for drivers to relax the checks on >> BLKROSET and rbd lacking those is almost certainly a bug >> b) Acked-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> >> c) I can push it through vfs tree, but it would probably make >> more sense block one. > > Jens, can you pick this up for 4.15? Done, thanks. -- Jens Axboe
