Kernel Version: 4.18.5
Problem Description:
We found a path where duplicate capability checks are observed,
the path is :
scsi_ioctl<- require CAP_SYS_ADMIN and CAP_SYS_RAWIO
`->sg_scsi_ioctl()
`->blk_verify_command() <- require CAP_SYS_RAWIO
CAP_SYS_RAWIO is checked twice.
related file:
block/scsi_ioctl.c:215
block/scsi_ioctl.c:471
drivers/scsi/scsi_ioctl.c:240
drivers/scsi/scsi_ioctl.c:242
- Tong