ChangeSet 1.1571.1.2, 2005/01/24 16:59:07-02:00, [EMAIL PROTECTED]
[PATCH] Rogier Wolff: fix nbd ioctl permissions
Here's a patch for nbd that Rogier recently sent me. It allows non-root
to do BLKGETSIZE, et al. on nbd devices, which he needs for his data
recovery applications.
From: Rogier Wolff <[EMAIL PROTECTED]>
Signed-Off-By: Paul Clements <[EMAIL PROTECTED]>
Description: We shouldn't need CAP_SYS_ADMIN to ask for disk capacity
and such.
nbd.c | 21 ++++++++++++++-------
1 files changed, 14 insertions(+), 7 deletions(-)
diff -Nru a/drivers/block/nbd.c b/drivers/block/nbd.c
--- a/drivers/block/nbd.c 2005-01-30 15:36:20 -08:00
+++ b/drivers/block/nbd.c 2005-01-30 15:36:20 -08:00
@@ -408,10 +408,7 @@
int dev, error, temp;
struct request sreq ;
- /* Anyone capable of this syscall can do *real bad* things */
- if (!capable(CAP_SYS_ADMIN))
- return -EPERM;
if (!inode)
return -EINVAL;
dev = MINOR(inode->i_rdev);
@@ -419,6 +416,20 @@
return -ENODEV;
lo = &nbd_dev[dev];
+
+ /* these are innocent, but.... */
+ switch (cmd) {
+ case BLKGETSIZE:
+ return put_user(nbd_bytesizes[dev] >> 9, (unsigned long *) arg);
+ case BLKGETSIZE64:
+ return put_user((u64)nbd_bytesizes[dev], (u64 *) arg);
+ }
+
+ /* ... anyone capable of any of the below ioctls can do *real bad*
+ things */
+ if (!capable(CAP_SYS_ADMIN))
+ return -EPERM;
+
switch (cmd) {
case NBD_DISCONNECT:
printk("NBD_DISCONNECT\n");
@@ -524,10 +535,6 @@
dev, lo->queue_head.next, lo->queue_head.prev,
requests_in, requests_out);
return 0;
#endif
- case BLKGETSIZE:
- return put_user(nbd_bytesizes[dev] >> 9, (unsigned long *) arg);
- case BLKGETSIZE64:
- return put_user((u64)nbd_bytesizes[dev], (u64 *) arg);
}
return -EINVAL;
}
-
To unsubscribe from this list: send the line "unsubscribe bk-commits-24" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
