Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 52898025 authored by Nigel Hislop's avatar Nigel Hislop Committed by Martin Schwidefsky
Browse files

[S390] dasd: security and PSF update patch for EMC CKD ioctl 



Remove the PSF order/suborder check from the Symmetrix CKD dasd ioctl.
In exchange restrict the ioctl to CAP_SYS_ADMIN and CAP_SYS_RAWIO.

Signed-off-by: default avatarNigel Hislop <hislop_nigel@emc.com>
Signed-off-by: default avatarMartin Schwidefsky <schwidefsky@de.ibm.com>
parent 91a970d9

drivers/s390/block/dasd_eckd.c

+10 −7
Original line number Diff line number Diff line
@@ -2839,8 +2839,13 @@ static int dasd_symm_io(struct dasd_device *device, void __user *argp) 
	char *psf_data, *rssd_result;

	struct dasd_ccw_req *cqr;

	struct ccw1 *ccw;

	char psf0, psf1;

	int rc;



	if (!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_RAWIO))

		return -EACCES;

	psf0 = psf1 = 0;



	/* Copy parms from caller */

	rc = -EFAULT;

	if (copy_from_user(&usrparm, argp, sizeof(usrparm)))
@@ -2869,12 +2874,8 @@ static int dasd_symm_io(struct dasd_device *device, void __user *argp) 
			   (void __user *)(unsigned long) usrparm.psf_data,

			   usrparm.psf_data_len))

		goto out_free;



	/* sanity check on syscall header */

	if (psf_data[0] != 0x17 && psf_data[1] != 0xce) {

		rc = -EINVAL;

		goto out_free;

	}

	psf0 = psf_data[0];

	psf1 = psf_data[1];



	/* setup CCWs for PSF + RSSD */

	cqr = dasd_smalloc_request(DASD_ECKD_MAGIC, 2 , 0, device);
@@ -2925,7 +2926,9 @@ static int dasd_symm_io(struct dasd_device *device, void __user *argp) 
	kfree(rssd_result);

	kfree(psf_data);

out:

	DBF_DEV_EVENT(DBF_WARNING, device, "Symmetrix ioctl: rc=%d", rc);

	DBF_DEV_EVENT(DBF_WARNING, device,

		      "Symmetrix ioctl (0x%02x 0x%02x): rc=%d",

		      (int) psf0, (int) psf1, rc);

	return rc;

}