On Wed, 2012-01-18 at 10:00 +0100, Paolo Bonzini wrote: > On 01/18/2012 05:47 AM, Ben Hutchings wrote: > > > Changes with respect to 3.3: return -ENOTTY from scsi_verify_blk_ioctl > > > and -ENOIOCTLCMD from sd_compat_ioctl. ] > > > > But in 2.6.32, compat_sys_ioctl will end up returning EINVAL rather than > > ENOTTY for an unhandled ioctl number. > > No, it won't. The ioctl will percolate up the non-compat path and then > sd_ioctl will return ENOTTY. Ah, yes. > > Also, since we're denying ioctls > > for security reasons rather than because we don't know how to handle > > them, I don't think there's any harm in doing this. > > There is harm. You'll be blacklisting also the standard block device > ioctls, and those won't work on 32-on-64 anymore. A system with 32-bit > userland will likely not boot anymore. It does (yes, I tested that myself now). The standard block device ioctls are handled without calling the driver's compat_ioctl. > This is also somewhat exchanged in my original exchange with Linus. Anyway, I agree that it is not necessary to differ from mainline here. Ben. -- Ben Hutchings When in doubt, use brute force. - Ken Thompson
Attachment:
signature.asc
Description: This is a digitally signed message part
