Received: by 10.213.65.68 with SMTP id h4csp1990103imn; Thu, 29 Mar 2018 15:11:52 -0700 (PDT) X-Google-Smtp-Source: AIpwx4+QuFzenaAEZkkVRXCtmtFezswC0FYdJDIWXB5IYvkYrOFdUFAbKu9mvUbgcLK9fKxoLIfu X-Received: by 10.99.120.3 with SMTP id t3mr6629224pgc.56.1522361512140; Thu, 29 Mar 2018 15:11:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1522361511; cv=none; d=google.com; s=arc-20160816; b=oIwfhS6znd9Vizdt0/2lQBxOe969J92WQxERYq6NJecmtJ6DAvwUMbMX7/f9VXh4Sz 2oEEDFANoNd7Bc5xu2emJpxyIjBzUCPOF9Bs5c8X5BMh7S9idysCx0uqOTP5VwwJyyv3 o2HN3xwGaCl4RGpW3Ni0WlrkpX9RbW78ZIjin04JIGHzCXEM3BUk5a7C7PRy7h5DtXst uuxdj2aBlay8T1OaMnAQuWaVkqoO4g8sGuFjjGiSI09+VGsF9snKwmJY71iaXOA7bsYx uHaQSnwhuW3TOYcOqladSHAT0sOoDq5z7UlA2fRH08MtJ3SPHqcCbcLNMdHi0BCi7y6R Msjw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature:arc-authentication-results; bh=srYLl5zGLaCJFC3qda+SKxwGjs9OLllnaXRD91kAxEE=; b=eBZU3EiYPiSp6JiGAwqrK2XLGk32+SjTN0hY0+EmSHsx/7FB8kLjicB9ACk2+51GN3 W6BJ33fwU5UDAwaC/YNstiZIwinNgQ486aKcndtGSieGWjIiz/sVe3PL+E90r9Qri3YM jL6Gft5phw2kEoGIMr2FXhbGEVSF50mTgrAs5lL3Njisz0DNJbNZre8dAZqgxTCW08to 5T3KL5J5kyvqr+LOIrjBdO2irv41Yph/BGwmP3y4g8ieM5Qc4dss0qt+qxaY9Zv9T+U8 mYscow3FGt5scJ+UU/bgBnXfvfhiXcBLiSwUQQMWjWZuDwTkz6TCjndS/ojlVcJSpVjT cpog== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lightnvm-io.20150623.gappssmtp.com header.s=20150623 header.b=eVAYMozy; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 189si4553981pgc.616.2018.03.29.15.11.37; Thu, 29 Mar 2018 15:11:51 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@lightnvm-io.20150623.gappssmtp.com header.s=20150623 header.b=eVAYMozy; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752724AbeC2WHf (ORCPT + 99 others); Thu, 29 Mar 2018 18:07:35 -0400 Received: from mail-lf0-f68.google.com ([209.85.215.68]:42645 "EHLO mail-lf0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752635AbeC2WHZ (ORCPT ); Thu, 29 Mar 2018 18:07:25 -0400 Received: by mail-lf0-f68.google.com with SMTP id a22-v6so10328097lfg.9 for ; Thu, 29 Mar 2018 15:07:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lightnvm-io.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=srYLl5zGLaCJFC3qda+SKxwGjs9OLllnaXRD91kAxEE=; b=eVAYMozyc/3Zc8OpacPrgFHrjBV0mgQPZ2GhIr6cQlCBE04jneEy9qZaaRgbeb4MaK HgTmtVKoo3Qre8UmWYycpwkc+aNwLIHd+foYtX2fhO6D0hzcRw/y5G0i2D3vvia1MSlJ LU29uCvGTH07kQdiMPYUH6Xc323ZlCycacpO8B3avw2O9sVokGoKROB3cBfp9bqpX3d5 FHtJU4pBed54rqdx4b/SZwQ8hIPMVxTEua9oEikK1TDz7saW7FhKitxEFXbw/rsewmDt 0+nRFmBMvR53f2+i+3uShyQpWQxGDIGbYJK5JcRLBKStSxCj1Du6OY6/jI1gSxICeoL9 gLQQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=srYLl5zGLaCJFC3qda+SKxwGjs9OLllnaXRD91kAxEE=; b=Zazii772P8czvDi+w4uF/LH0ZH+Vo6zCL066LF6oGCb0ViHT1ISnUKdRyKXHJd6OKF +t2vHMTc3gUZNlroZHmrUw/mJ+1rM8oC2dvtgopz6kBei69eBsrK0b6/uQNsX++pJKe1 PafszKFyqT8R8kIg/CaZuBqggTbvhx5ok+NATE+7ilV06uRSinD84G3HQWi0CWhLmS0G czbs1zWXe2Tki3pF46kYY8cB69XbNbz67oAVyrMCpWsFWZb95eHX30hVcjhg4CSh0OO5 u84Aou9r9MnJPsQXVQb3wCDhPgq8Rg3vG8RitU+7DetaQ87NEWrlmsRq8ugGY9v5fyO3 iWmg== X-Gm-Message-State: ALQs6tA9q7d1p4zDJrp8iJKWqFnb2xlNiO84fVLEub0xB0bXFJxXMLrN 23tYc6HnHtqulKZLdWeABb178A== X-Received: by 2002:a19:6b09:: with SMTP id d9-v6mr574975lfa.83.1522361238960; Thu, 29 Mar 2018 15:07:18 -0700 (PDT) Received: from Macroninja.cnexlabs.com (x1-6-a4-08-f5-18-3c-3a.cpe.webspeed.dk. [188.176.29.198]) by smtp.gmail.com with ESMTPSA id i89-v6sm1365508lfk.12.2018.03.29.15.07.17 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 29 Mar 2018 15:07:18 -0700 (PDT) From: =?UTF-8?q?Matias=20Bj=C3=B8rling?= To: axboe@fb.com Cc: linux-block@vger.kernel.org, linux-kernel@vger.kernel.org, keith.busch@intel.com, javier@cnexlabs.com, Johannes Thumshirn , =?UTF-8?q?Matias=20Bj=C3=B8rling?= Subject: [GIT PULL 20/37] lightnvm: centralize permission check for lightnvm ioctl Date: Fri, 30 Mar 2018 00:05:07 +0200 Message-Id: <20180329220524.30363-21-mb@lightnvm.io> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180329220524.30363-1-mb@lightnvm.io> References: <20180329220524.30363-1-mb@lightnvm.io> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Johannes Thumshirn Currently all functions for handling the lightnvm core ioctl commands do a check for CAP_SYS_ADMIN. Change this to fail early in nvm_ctl_ioctl(), so we don't have to duplicate the permission checks all over. Signed-off-by: Johannes Thumshirn Signed-off-by: Matias Bjørling --- drivers/lightnvm/core.c | 21 +++------------------ 1 file changed, 3 insertions(+), 18 deletions(-) diff --git a/drivers/lightnvm/core.c b/drivers/lightnvm/core.c index 3eec948d1b7e..5b197d6bb6d9 100644 --- a/drivers/lightnvm/core.c +++ b/drivers/lightnvm/core.c @@ -1019,9 +1019,6 @@ static long nvm_ioctl_info(struct file *file, void __user *arg) struct nvm_tgt_type *tt; int tgt_iter = 0; - if (!capable(CAP_SYS_ADMIN)) - return -EPERM; - info = memdup_user(arg, sizeof(struct nvm_ioctl_info)); if (IS_ERR(info)) return -EFAULT; @@ -1060,9 +1057,6 @@ static long nvm_ioctl_get_devices(struct file *file, void __user *arg) struct nvm_dev *dev; int i = 0; - if (!capable(CAP_SYS_ADMIN)) - return -EPERM; - devices = kzalloc(sizeof(struct nvm_ioctl_get_devices), GFP_KERNEL); if (!devices) return -ENOMEM; @@ -1103,9 +1097,6 @@ static long nvm_ioctl_dev_create(struct file *file, void __user *arg) { struct nvm_ioctl_create create; - if (!capable(CAP_SYS_ADMIN)) - return -EPERM; - if (copy_from_user(&create, arg, sizeof(struct nvm_ioctl_create))) return -EFAULT; @@ -1141,9 +1132,6 @@ static long nvm_ioctl_dev_remove(struct file *file, void __user *arg) struct nvm_dev *dev; int ret = 0; - if (!capable(CAP_SYS_ADMIN)) - return -EPERM; - if (copy_from_user(&remove, arg, sizeof(struct nvm_ioctl_remove))) return -EFAULT; @@ -1168,9 +1156,6 @@ static long nvm_ioctl_dev_init(struct file *file, void __user *arg) { struct nvm_ioctl_dev_init init; - if (!capable(CAP_SYS_ADMIN)) - return -EPERM; - if (copy_from_user(&init, arg, sizeof(struct nvm_ioctl_dev_init))) return -EFAULT; @@ -1187,9 +1172,6 @@ static long nvm_ioctl_dev_factory(struct file *file, void __user *arg) { struct nvm_ioctl_dev_factory fact; - if (!capable(CAP_SYS_ADMIN)) - return -EPERM; - if (copy_from_user(&fact, arg, sizeof(struct nvm_ioctl_dev_factory))) return -EFAULT; @@ -1205,6 +1187,9 @@ static long nvm_ctl_ioctl(struct file *file, uint cmd, unsigned long arg) { void __user *argp = (void __user *)arg; + if (!capable(CAP_SYS_ADMIN)) + return -EPERM; + switch (cmd) { case NVM_INFO: return nvm_ioctl_info(file, argp); -- 2.11.0