leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
de139a3393
linux/drivers
History
Chris Wright de139a3393 pci: check caps from sysfs file open to read device dependent config space 
The PCI config space bin_attr read handler has a hardcoded CAP_SYS_ADMIN
check to verify privileges before allowing a user to read device
dependent config space.  This is meant to protect from an unprivileged
user potentially locking up the box.

When assigning a PCI device directly to a guest with libvirt and KVM,
the sysfs config space file is chown'd to the unprivileged user that
the KVM guest will run as.  The guest needs to have full access to the
device's config space since it's responsible for driving the device.
However, despite being the owner of the sysfs file, the CAP_SYS_ADMIN
check will not allow read access beyond the config header.

With this patch we check privileges against the capabilities used when
openining the sysfs file.  The allows a privileged process to open the
file and hand it to an unprivileged process, and the unprivileged process
can still read all of the config space.

Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Acked-by: Jesse Barnes <jbarnes@virtuousgeek.org>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2010-05-21 09:37:32 -07:00
..
accessibility
acpi sysfs: add struct file* to bin_attr callbacks 2010-05-21 09:37:31 -07:00
amba
ata Merge branch 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jgarzik/libata-dev 2010-05-20 09:27:37 -07:00
atm atm: select FW_LOADER in Kconfig for solos-pci 2010-05-17 17:44:36 -07:00
auxdisplay
base sysfs: add struct file* to bin_attr callbacks 2010-05-21 09:37:31 -07:00
block generate "change" uevent for loop device 2010-05-21 09:37:30 -07:00
bluetooth Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2010-05-20 21:04:44 -07:00
cdrom
char Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2010-05-20 10:33:06 -07:00
clocksource Merge branch 'timers-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip 2010-05-19 17:10:57 -07:00
connector
cpufreq Merge branch 'x86-cpu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip 2010-05-18 08:49:13 -07:00
cpuidle
crypto
dca
dio
dma Merge git://git.kernel.org/pub/scm/linux/kernel/git/lethal/sh-2.6 2010-05-19 11:36:03 -07:00
edac
eisa
firewire Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2010-05-20 09:20:59 -07:00
firmware sysfs: add struct file* to bin_attr callbacks 2010-05-21 09:37:31 -07:00
gpio sysfs: Implement sysfs tagged directory support. 2010-05-21 09:37:31 -07:00
gpu sysfs: add struct file* to bin_attr callbacks 2010-05-21 09:37:31 -07:00
hid USB: rename usb_buffer_alloc() and usb_buffer_free() users 2010-05-20 13:21:38 -07:00
hwmon
i2c Merge branch 'for-linus/i2c-2635' of git://git.fluff.org/bjdooks/linux 2010-05-20 09:41:17 -07:00
ide
idle
ieee1394
ieee802154
infiniband Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2010-05-20 21:04:44 -07:00
input Merge git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb-2.6 2010-05-20 21:26:12 -07:00
isdn Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2010-05-20 21:04:44 -07:00
leds
lguest
macintosh
mca
md sysfs: Implement sysfs tagged directory support. 2010-05-21 09:37:31 -07:00
media Merge git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb-2.6 2010-05-20 21:26:12 -07:00
memstick
message Merge git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-misc-2.6 2010-05-21 07:19:18 -07:00
mfd Merge branch 'topic/asoc' into for-linus 2010-05-20 12:00:43 +02:00
misc sysfs: add struct file* to bin_attr callbacks 2010-05-21 09:37:31 -07:00
mmc Merge branch 'devel' of master.kernel.org:/home/rmk/linux-2.6-arm 2010-05-19 11:37:22 -07:00
mtd Merge git://git.infradead.org/mtd-2.6 2010-05-21 07:25:43 -07:00
net sysfs: add struct file* to bin_attr callbacks 2010-05-21 09:37:31 -07:00
nubus
of
oprofile
parisc
parport
pci pci: check caps from sysfs file open to read device dependent config space 2010-05-21 09:37:32 -07:00
pcmcia sysfs: add struct file* to bin_attr callbacks 2010-05-21 09:37:31 -07:00
platform
pnp
power sysfs: add struct file* to bin_attr callbacks 2010-05-21 09:37:31 -07:00
pps
ps3
rapidio sysfs: add struct file* to bin_attr callbacks 2010-05-21 09:37:31 -07:00
regulator Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2010-05-20 09:20:59 -07:00
rtc sysfs: add struct file* to bin_attr callbacks 2010-05-21 09:37:31 -07:00
s390 sysfs: add struct file* to bin_attr callbacks 2010-05-21 09:37:31 -07:00
sbus
scsi sysfs: add struct file* to bin_attr callbacks 2010-05-21 09:37:31 -07:00
serial Merge git://git.kernel.org/pub/scm/linux/kernel/git/brodo/pcmcia-2.6 2010-05-20 09:09:46 -07:00
sfi
sh sh: simplify WARN usage in SH clock driver 2010-05-13 17:43:11 +09:00
sn
spi Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2010-05-20 09:20:59 -07:00
ssb Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2010-05-20 21:04:44 -07:00
staging sysfs: add struct file* to bin_attr callbacks 2010-05-21 09:37:31 -07:00
tc
telephony
thermal
uio
usb sysfs: add struct file* to bin_attr callbacks 2010-05-21 09:37:31 -07:00
uwb
vhost Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-05-16 22:26:58 -07:00
video sysfs: add struct file* to bin_attr callbacks 2010-05-21 09:37:31 -07:00
virtio
vlynq vlynq: make whole Kconfig-menu dependant on architecture 2010-05-14 16:59:54 +02:00
w1 sysfs: add struct file* to bin_attr callbacks 2010-05-21 09:37:31 -07:00
watchdog USB: rename usb_buffer_alloc() and usb_buffer_free() users 2010-05-20 13:21:38 -07:00
xen
zorro sysfs: add struct file* to bin_attr callbacks 2010-05-21 09:37:31 -07:00
Kconfig
Makefile