From patchwork Tue Jun 1 08:39:25 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Niklas Cassel X-Patchwork-Id: 12290719 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,PDS_BAD_THREAD_QP_64,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 07F96C47092 for ; Tue, 1 Jun 2021 08:39:32 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id D2CE261263 for ; Tue, 1 Jun 2021 08:39:31 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233406AbhFAIlL (ORCPT ); Tue, 1 Jun 2021 04:41:11 -0400 Received: from esa5.hgst.iphmx.com ([216.71.153.144]:23924 "EHLO esa5.hgst.iphmx.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231139AbhFAIlK (ORCPT ); Tue, 1 Jun 2021 04:41:10 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=wdc.com; i=@wdc.com; q=dns/txt; s=dkim.wdc.com; t=1622536768; x=1654072768; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=DtJ4hJf/z03wTkZKFrDfWAl40d9VrkijrvmSgH/A9qE=; b=p/DYkqOosI+4eVe5+sRJqqwEf4FkvkFTXAX4oOPT2C1YaEh+7SO7Zfpe OS7cWxa0SLQvV7hP5iYEBbS7CikwjQDqh0iuTGIyaUp9JUhMGmAa/cUkx q0vqZbF41U9qUdyyxvGTNwj1EOhZUsEX55am7rCVHJEkJmf8hFXtjH0UH gC4C+5Ma8WXgrEnLJ1gzULKj0U8y3C6pLI1NawcJadRp0qylssNra4F8F mZG38BksnaoRqqQrGb6tywn0w64eCWYzPeyKInsNlRfceUX0Qoi/JY9GP N2jon7j1+wtmnaXsA9xWO83uwNGxyc5XjZL2F0IA3BeB4ZE4++9FmcZOl g==; IronPort-SDR: 1mbTYWpWrjQ6iWlpWLJ4SReRNp39D5QJ3OwrxvZ8GqMdKZRw173Iu1aoCM5OcTbP6fGlzu6C2f GhKCNC07q0pPMSkRimESWQfspNcCC/Z24r6MnXValQxz6usm1csn3Zs+toAqATbMt+9+gAy9F9 wGSHVZi8KJEDRZHgCGsVPC0vH+Vr0Xq1xR1TQkgBKucLj9iE0Rh6QpZbgeCIB0kxWs043yziDt fIKN0yIxEGcfQGoV8vWA1+BEsgWzdKD2abuXWImqGLFa02qwOAoPdR7zUe4zIyVMZPoHugRcw+ jEQ= X-IronPort-AV: E=Sophos;i="5.83,239,1616428800"; d="scan'208";a="170253880" Received: from mail-mw2nam08lp2176.outbound.protection.outlook.com (HELO NAM04-MW2-obe.outbound.protection.outlook.com) ([104.47.73.176]) by ob1.hgst.iphmx.com with ESMTP; 01 Jun 2021 16:39:27 +0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=NmEgB/LTChFSkVtzx22GiCJZSYPttzXwyOtXS5K4mrmmoAnQsAWPkBjsnruLhka0D6zRQxUyAxqNSmxrMwix8LFkWhh9JAV8yy7x6Xk6nSg0zpOOf9izGsb1PTOyWbqzXxx7VW3cMJiB6QYhiOIiCg+RYkN8X5M0xmbvKlLGA1J0/iGWZYZ537SrUVv7DZXuSylgC/Krn69URLeZ6O8TonhMAgj2KJGsRfeP5jc30p6B28xJ17tsCAt0K+4uEILkDI8mkEog6nTvtPN0E14+Dd+irf0QQQirWFDvvdpgru4PLNfxAyE/hfFtKzKiMFCj0kPtA1dntTiHgkcW5Srgfg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JqVcN0931a2aXWQGyDWz+BT7MX0E9mpsiwWZAK/2hcI=; b=RLkGwIPrR8kHuNo8bDDA7kKk8LRPxaBRFhWPRUMm0ZeP/tFFF8wEfZvmHg3zUwlAwZEDrpw0Y624y1mHSxHUuaBvks7WXVryVAzwrMUSQnKLV+h2EJiordooiC8Z+gWojqZkRdBwMoIvxKkYw0muBv4V9vHuyeaZZaH5lxWC8ajINVIhBXV9QKQAmWielDOssejSC2e4qbIJBqj3HJ6XSmhykirqVkOUhsptL5oizB7iIIbMYmsNpuy9LilVG0rMka8WT7yskgCmJajFc4aVlvRW5R+umnpR5a2GbYawF/k0Pr5XzT7jGmNp2DxqccE46I3k8Z8mmzsFDqsnSXFlQA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=wdc.com; dmarc=pass action=none header.from=wdc.com; dkim=pass header.d=wdc.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sharedspace.onmicrosoft.com; s=selector2-sharedspace-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JqVcN0931a2aXWQGyDWz+BT7MX0E9mpsiwWZAK/2hcI=; b=x6H/kyVrrV+pXB/qZ7alabWMzROPO6q3NHWhhWxMSpuXZcTJymkLsJqDkYk9rPjhVWCq/QkMAry2n0zbAKwrCw7qq2O5ljr7PQ7HWLX80TF+ZchsErrF0GKHvUeFqKcQLlciB1dOubb5By4zRArH02cmIQYxgBcwoyLzfMq6XPc= Received: from PH0PR04MB7158.namprd04.prod.outlook.com (2603:10b6:510:8::18) by PH0PR04MB7317.namprd04.prod.outlook.com (2603:10b6:510:1e::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4173.20; Tue, 1 Jun 2021 08:39:28 +0000 Received: from PH0PR04MB7158.namprd04.prod.outlook.com ([fe80::45d7:388e:5cbb:ae1e]) by PH0PR04MB7158.namprd04.prod.outlook.com ([fe80::45d7:388e:5cbb:ae1e%6]) with mapi id 15.20.4173.030; Tue, 1 Jun 2021 08:39:28 +0000 From: Niklas Cassel To: Jens Axboe , "Martin K. Petersen" , Damien Le Moal , Hannes Reinecke , Shaun Tancheff CC: Damien Le Moal , Niklas Cassel , "stable@vger.kernel.org" , Jens Axboe , "linux-block@vger.kernel.org" , "linux-kernel@vger.kernel.org" Subject: [PATCH v2 1/2] blk-zoned: allow zone management send operations without CAP_SYS_ADMIN Thread-Topic: [PATCH v2 1/2] blk-zoned: allow zone management send operations without CAP_SYS_ADMIN Thread-Index: AQHXVsGgYX0QC3Ho4UCNzFW5ZLQacA== Date: Tue, 1 Jun 2021 08:39:25 +0000 Message-ID: <20210601083915.156476-2-Niklas.Cassel@wdc.com> References: <20210601083915.156476-1-Niklas.Cassel@wdc.com> In-Reply-To: <20210601083915.156476-1-Niklas.Cassel@wdc.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-mailer: git-send-email 2.31.1 authentication-results: kernel.dk; dkim=none (message not signed) header.d=none;kernel.dk; dmarc=none action=none header.from=wdc.com; x-originating-ip: [85.226.244.4] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: daef2deb-d426-4a9e-73af-08d924d8c4ba x-ms-traffictypediagnostic: PH0PR04MB7317: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: wdcipoutbound: EOP-TRUE x-ms-oob-tlc-oobclassifiers: OLM:8882; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: ZzJt6DqVKKeT89wLLDBn+xFeAZYi94v+Q1gv7MvkuZo+SrOlxroJKoDbxpvoak0qnqANjbTdEbfNn3C6UgHRE2uHXrJY4TNjNtgDHgp7jZyXOaXDjUiEZ0pEv5GmCA1kxkB/CWX7r2aHD4OoJUAP0M7p/iEptRyBkPtRs1Jpkh12HmNjuh1tDzp+3GVFKmGiggnzykEw3MWp+sNJtXMubhXeW+l16tOaK4pc+c2k2WOWmuEBNt55Ai4JQ+/F21n7FxM954SdYaMvEJwno1fC63Wl5iXL5Eak4eqcFtC2Du2/9yvrb7f4q0aVLrQixbytKw7cKRQi4buPdsyVwxMIg7h5CFG+8lqmgiK4QLrxBHE63K/+LL4nM1llAC759ivUEQWf5dzotRxmiKippYaHRBI5xP7cMi8dNYtsbnTmqJBggEvDxgZU9H1+E3FQXDA8kgOKPg9kp2OD/q8ptl5NfCrLSHPVFHWoSgNQr0vuAytq2m7TXUZWZsU8ckeerILtLDk7mwHze0kLIFg0hjdOPxd0/PJvqhbycarWiE4kbL7wiDcFdUJ2XEq1M2Dtzd7G/rf7orVW8MQSLcX1yHJwA8I4HZ4JOW/cuurhkQ8HgIQ= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR04MB7158.namprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(366004)(396003)(136003)(346002)(376002)(39860400002)(122000001)(110136005)(186003)(54906003)(38100700002)(66446008)(6666004)(4326008)(64756008)(316002)(478600001)(36756003)(5660300002)(76116006)(2616005)(66476007)(66946007)(91956017)(8936002)(6512007)(86362001)(26005)(8676002)(1076003)(83380400001)(2906002)(6486002)(71200400001)(6506007)(66556008);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata: =?iso-8859-1?q?1RVhDkyBBkiyNNczkEYcIFzHl?= =?iso-8859-1?q?E1K5TUd6fCW9BEv6s8dlqHc3ZPf1JxzAKEpb9FW3ORLN+K9EqoJmYZ7xmDE9?= =?iso-8859-1?q?lFG+utFYbFCxvV0iOFu6Z4Lz1xUMbwmIGx+ZKU1noTLaBuO+PavyFttyBUwp?= =?iso-8859-1?q?rvfZDc+kyaCHCmgp6apJPsKsnsDHBZrRbkzxXnzzfYp1loAqmOAxQcNtppJk?= =?iso-8859-1?q?+0U7HWlm80B1iQGFw84DKAeoPE69GyQVqbJrJQJ9DfNggMndmlTkCFEdKIol?= =?iso-8859-1?q?h6hg8/t6/g8bS3ZeFMkw0Zs5VsPb4CC+ZSP53NS/+oCEQJ1Q8ICTpeKRYKdH?= =?iso-8859-1?q?NOxVsFMOZmUsLElIhp0br3RlNYn1I1Szi9qdg6jcGOC2OQjDhPkqNTEEfQKk?= =?iso-8859-1?q?p/U8GhYx6w3LCQKYNw1L7Z9CsdgM1hsH4iTbm9C+kzB/nnNmXO4hwcW9SsXf?= =?iso-8859-1?q?yLjjHg/seAyKlXxjKLuj9R/S41UrslHwt7UOOj3xwk6SbLnAVLSX/5am6caH?= =?iso-8859-1?q?H0Pl7tEwrntiuDe5fLB5c8kmQsBxYOEWmnX5kTh9i078QVILVLfy3cjBijg0?= =?iso-8859-1?q?wXRF5qCTiHgCMwX/3dcno8t0DrQWIUSTcw3YbjXcE2ZQCXZuxfBu5nv6JzoS?= =?iso-8859-1?q?4qrlKFYdZ0zBL9X2LEy1cHRgeIkpaDi3145u7TcRMTgq5Egm5uT61yLtisjb?= =?iso-8859-1?q?i7u5KS4ei1Y/hRnQidttAUjkYP3RADgyirHr/U0xNUUCt2i2U2Ft3lo4vuSB?= =?iso-8859-1?q?yhi+at0xU9KRyfcF80WMq9UYivjwa0F86wy9Z2vM7aOVnL58lHncJWLyfyQv?= =?iso-8859-1?q?ODKyMHUUGPjA3sPnuygmEt+znZxbV30gzY/q4eSMSsXccyT0uF5l7rMQiBhb?= =?iso-8859-1?q?YcrPodYHn94nOppQjDsKb6u6Vxpj5gTOOV1Rtc0u9JYncGhwnaxMoQNKXXqu?= =?iso-8859-1?q?2wROBcmRErqU/S623pZMndptViE54hpxxZFSTTVMhysq6TdaucY7eUAVnaSD?= =?iso-8859-1?q?fLamvNlX9lHDm0ksnrU5YyLAOds4QFJHtqLMr83BeYmxaNZi7EChLAc8Wf8F?= =?iso-8859-1?q?pp4vlB+5sf0WB42YDXeTT1rXTEurdfxdpOYH3mO9RPUyGcNtrbNB0Me+4l4a?= =?iso-8859-1?q?xhbvBswP/nMT5yHkkmraYJnm/qeFqzU9Xpv5RS6FQ/8g0gsQhZ8gdRsxtdqq?= =?iso-8859-1?q?bMoKGlgsNXmpmTKLOijP2q88jA7OeNYQfjSHoqZ2fzswMJozhjEKGjm2uGNG?= =?iso-8859-1?q?L0ALLX5+fF7DLrOk9lqscfdTY554nXKNqZimk9YjJ/eu3l6tSfW3GRx5YMVR?= =?iso-8859-1?q?d+jLEb/x6huj+2T90j3IXWCTU8blz6O8nK6gx5NsW4vTEJxz+8cfBpsdt3C?= MIME-Version: 1.0 X-OriginatorOrg: wdc.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR04MB7158.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: daef2deb-d426-4a9e-73af-08d924d8c4ba X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Jun 2021 08:39:25.1478 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: b61c8803-16f3-4c35-9b17-6f65f441df86 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: aaE8XvT+/XF7JBOybxSo2t/MLyL6qTT8SLm8JPOESqptaWXwLdCfQpgUJARR08OBj99wMyu01ca6oeYYbxF2Yg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR04MB7317 Precedence: bulk List-ID: X-Mailing-List: linux-block@vger.kernel.org From: Niklas Cassel Zone management send operations (BLKRESETZONE, BLKOPENZONE, BLKCLOSEZONE and BLKFINISHZONE) should be allowed under the same permissions as write(). (write() does not require CAP_SYS_ADMIN). Additionally, other ioctls like BLKSECDISCARD and BLKZEROOUT only check if the fd was successfully opened with FMODE_WRITE. (They do not require CAP_SYS_ADMIN). Currently, zone management send operations require both CAP_SYS_ADMIN and that the fd was successfully opened with FMODE_WRITE. Remove the CAP_SYS_ADMIN requirement, so that zone management send operations match the access control requirement of write(), BLKSECDISCARD and BLKZEROOUT. Fixes: 3ed05a987e0f ("blk-zoned: implement ioctls") Signed-off-by: Niklas Cassel Reviewed-by: Damien Le Moal Cc: stable@vger.kernel.org # v4.10+ --- Changes since v1: - Pick up tag from Damien. - Add fixes tag and CC stable. Note to backporter: Function was added as blkdev_reset_zones_ioctl() in v4.10. Function was renamed to blkdev_zone_mgmt_ioctl() in v5.5. The patch is valid both before and after the function rename. block/blk-zoned.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/block/blk-zoned.c b/block/blk-zoned.c index 250cb76ee615..0789e6e9f7db 100644 --- a/block/blk-zoned.c +++ b/block/blk-zoned.c @@ -349,9 +349,6 @@ int blkdev_zone_mgmt_ioctl(struct block_device *bdev, fmode_t mode, if (!blk_queue_is_zoned(q)) return -ENOTTY; - if (!capable(CAP_SYS_ADMIN)) - return -EACCES; - if (!(mode & FMODE_WRITE)) return -EBADF; From patchwork Tue Jun 1 08:39:25 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Niklas Cassel X-Patchwork-Id: 12290721 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,PDS_BAD_THREAD_QP_64,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0E2DBC47098 for ; Tue, 1 Jun 2021 08:39:33 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id EB84661263 for ; Tue, 1 Jun 2021 08:39:32 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233127AbhFAIlM (ORCPT ); Tue, 1 Jun 2021 04:41:12 -0400 Received: from esa5.hgst.iphmx.com ([216.71.153.144]:23924 "EHLO esa5.hgst.iphmx.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233381AbhFAIlL (ORCPT ); Tue, 1 Jun 2021 04:41:11 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=wdc.com; i=@wdc.com; q=dns/txt; s=dkim.wdc.com; t=1622536769; x=1654072769; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=g8DOLjJsGvggNAXe88Wq/Zkih2F0lulpgW/ocCC60y8=; b=ZSNV63VBsTifWBXOtuQAtuef3HNnXwmRYIGpAivj1XeDGag1MDA3gEOw 1GeJgs1bnBJmZ/ebVYvPlvtIqO8P1ycsSWc4MQaHBQvriXde1TVVho7LL 1fOJ9egDr36QRtUwaR5RMuP15+/MLHRseV629bwSoNPvfY2sP5MjgDcxB 5kkOITBN7KPm9s8rCJSz5VQZNP8TjlLhS9iEGmEMkkvnb6plt52WXos/G iYj3JN2+iiZ6CkmnoOHhLodGsHeRzQCgLjtm/qSRcqKzZff3Exkshphj3 xSES5SCaQ+nfeCEwl+3dvmcg8N2AlwOCSlQl/K5ZR4D63V+8HhIAQQbnX w==; IronPort-SDR: ldjpW0tAoS6f3szGLnVqrAkkgK1CpVwffkCZcK52jkSi8qr17aBEp9VswHG0OIDNkE5J3AVU39 fpBqgU1bxkR92XEDo7SR9tWTAIdm5zqXIfIwdJHsv2BabY9fgJMrtlkJdJfUTJ4ADjPcx1GOi7 ilRixybwTNZuXXEgdyk2arI2Fw6sZ94XbKF+khKUGcCA/4K9Cqq1ikosz4vPTMLWn43K/w9aJw OxAummh1LLUeZQlZB5/e5C9OWYkbDedqVaR1p6g0g+YL0XST7npeJSItCoDUXLAJ9hWAnl35Yk 0tU= X-IronPort-AV: E=Sophos;i="5.83,239,1616428800"; d="scan'208";a="170253883" Received: from mail-mw2nam08lp2176.outbound.protection.outlook.com (HELO NAM04-MW2-obe.outbound.protection.outlook.com) ([104.47.73.176]) by ob1.hgst.iphmx.com with ESMTP; 01 Jun 2021 16:39:28 +0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Tl0m5UHhUtZmvvn+9sTlgcRP26Xe6AC+TVnfXkRFG3prztdRHP+nbOQiRC2A/vMRvyGpk4Irj4m8qB35pmVOKXIbpvLA1Yk4kNQhKmXYQlmhTkbe8Dg2D9DyIl14QE4Dl2TGwwKlJCA+uhN+ZAlgOpjX5/h+MHrb+2VlX3dHmHbZae0tSRgeEeDGPZ7sAfuaZpxdrhVE6medyUR5HDCp3vdXncXse3FfeH01lyFANiEzNgKmnKnBJ4LVGkNpdLsfZmZCDZVu/kbZOiSYNyowo9g1cqy4TNnhNslwftHCoBylVqoRRYV+uNaktCx+nBKVJENuS68fuvRVziYpYPgd8w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=U8B7uvb3iWhUns9LtiFlTeHbenNK/Rt3GDDkNTgoJeA=; b=ZjkGdMpskO7LYuBqC0UysHAB/18D1QPzkZrvfH+ANr4ImUgVl71ofW2jPyhX63qh0d10e1IfeVUBl9hGbYuTbld9SJuPDufdLeMMt2GUjqSxPFZ4Z3XWTfybVL02tIU/26TL7Z/JRt5/X22Kqe8KSw//eC9kAp9IJ6GpwPpTGZAvMx8KpZQfT7aYdgYyvoSELXsdbSeOYwgxnlxK/hGCZ74RHV+Az1zpboJxEU5USfV5NvmsB+lMTqVXqw/zSwDXZZb4y/hqqshzf6cY/053ULQkLsW1sjyHpTxrXj+ibwsnD5KcnTMPiYqHMvDSROmhuTqq1AHIjjPXtpA54xq9gQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=wdc.com; dmarc=pass action=none header.from=wdc.com; dkim=pass header.d=wdc.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sharedspace.onmicrosoft.com; s=selector2-sharedspace-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=U8B7uvb3iWhUns9LtiFlTeHbenNK/Rt3GDDkNTgoJeA=; b=zrZtb9U+PAh1d6GfGE1kkd9uoUCN8RjuPbaFuTHKJ03uCi5lHKpi3wc3S8WlOFvKiSnMHATBtrqlyuI+erkWs/scsA59ohtFQnOZ8hssFS9t7eqXLN4Ay7gcR8Qd4VHVTOtcHmBSr194KS+3R0GW5Qga3/1ipil4P/AIf2Kcd7M= Received: from PH0PR04MB7158.namprd04.prod.outlook.com (2603:10b6:510:8::18) by PH0PR04MB7317.namprd04.prod.outlook.com (2603:10b6:510:1e::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4173.20; Tue, 1 Jun 2021 08:39:28 +0000 Received: from PH0PR04MB7158.namprd04.prod.outlook.com ([fe80::45d7:388e:5cbb:ae1e]) by PH0PR04MB7158.namprd04.prod.outlook.com ([fe80::45d7:388e:5cbb:ae1e%6]) with mapi id 15.20.4173.030; Tue, 1 Jun 2021 08:39:28 +0000 From: Niklas Cassel To: Jens Axboe , Damien Le Moal , Shaun Tancheff , "Martin K. Petersen" , Hannes Reinecke CC: Damien Le Moal , Niklas Cassel , "stable@vger.kernel.org" , Jens Axboe , "linux-block@vger.kernel.org" , "linux-kernel@vger.kernel.org" Subject: [PATCH v2 2/2] blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN Thread-Topic: [PATCH v2 2/2] blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN Thread-Index: AQHXVsGgyVhYWBzsdE+J29N7kj8+jQ== Date: Tue, 1 Jun 2021 08:39:25 +0000 Message-ID: <20210601083915.156476-3-Niklas.Cassel@wdc.com> References: <20210601083915.156476-1-Niklas.Cassel@wdc.com> In-Reply-To: <20210601083915.156476-1-Niklas.Cassel@wdc.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-mailer: git-send-email 2.31.1 authentication-results: kernel.dk; dkim=none (message not signed) header.d=none;kernel.dk; dmarc=none action=none header.from=wdc.com; x-originating-ip: [85.226.244.4] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 86975a09-efc9-406a-fda9-08d924d8c4f0 x-ms-traffictypediagnostic: PH0PR04MB7317: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: wdcipoutbound: EOP-TRUE x-ms-oob-tlc-oobclassifiers: OLM:3631; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: wXXnEp8qxE5K4sKY5Bo/H5eEkIAr7Dxce2acn9dFUFnCRhjtx3kD4erQ7cIZwXZ6uid1EqsvUOtyBLROKboVMACewKYH3q1gO8BYd3lH9NbJkP1M6eR5v3Kw/q82KQJPXJivl7AkPH80kQh625d+uxhLlcACIF2UhUFzye9+ThoM/Nt/2BR5/CDhEHOaLUMBFrMIKEIg3p5mYzW51FuYX6JAp0/plV9wl+KQq6Nq7cwJxWPJ1y483nXDs+n4Jdvjy70s3pikJfy2E7W3SEPL5YkGr55vs1DgXTzW0ncdDskypRdep+v3HZ9417Wy3HFxSCA5FfSye5Y3e8DsykWNmpIwVI8G86FZqvSqGeUcT4xwSqGoxe+ig+Jm24i608u0ris7BfVXDX8Gr9Be83v4oYkqpXMby3JSv1uPbKgnC3zdq+55Gmk3Vhn8fsrryvbm2o6o4nbvIaJAF1+DXLNT+AMfrrFgbkpG0ujPMbL6OgEZwQLjFQaRGnjQGdSC4bcO4ZD/Q1iNpeB/si2zDv0GH77kJ9aHF8svWpTVpsfAfH+UG/WTO+B+kpiSidp/D6yGZJHDSUOMDPQWdhsCdtGLOYgBUV/CK1hYYlkwXG4YuDM= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR04MB7158.namprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(366004)(396003)(136003)(346002)(376002)(39860400002)(122000001)(110136005)(186003)(54906003)(38100700002)(66446008)(6666004)(4326008)(64756008)(316002)(478600001)(36756003)(5660300002)(76116006)(2616005)(66476007)(66946007)(91956017)(8936002)(6512007)(86362001)(26005)(8676002)(1076003)(83380400001)(2906002)(6486002)(71200400001)(6506007)(66556008);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata: =?iso-8859-1?q?Q+2SRiYPrUgSyrsTLSfMqdSya?= =?iso-8859-1?q?2gWeA44zKOf+TvsTvsdw/IIHgowcvJN1ZA2kci1Svwxe0fB4J0Nxf1xGkvDf?= =?iso-8859-1?q?BCFXs+vuPL3Ct0orQib9aTe8IEuARJiln6NnxVfsimo7tW7vYJfP6ugijTiA?= =?iso-8859-1?q?hQIGnsCyNR0+TPk/WG2+ZZ04ZPHdrRcDBPHIiOUiKeGW6XjhpM/+CzF9g8Fi?= =?iso-8859-1?q?NhoC6ZvXB44LhJv8d4cUTIWYtytmOE2DxwJsCoTpFm9GP3EIqCCA/yhvV8qp?= =?iso-8859-1?q?MAc3MzwUUuYe9zzGdt7BeTG2ubji8tU0ePIZmVrhzO5sM9szOJ/BKksd9lbx?= =?iso-8859-1?q?d4tmAcgsjei0eu0XP65cZEXUnxIU3qI8BSzkCYt3qUx+XFyq26JdKoZ9iGFo?= =?iso-8859-1?q?vCcnadnEQ+Fe2JyHWsUdFQfyRYxbJMiUtfOb2X8MnU9gAtR2DGfUy44AjPnU?= =?iso-8859-1?q?ODaRHFVntDWBU0B3Ft/FPcldh+Cm/Pmrj8ynEpUklF2BiCXoaj4bMSZVeJDB?= =?iso-8859-1?q?twMExzmdfPa+z8KHPjtMaZwLxJeWBvApjLkD/Mi02R9+nMZ5qKbzAkAdLYi3?= =?iso-8859-1?q?bpyPpr4ZqWc1+uh6gS85dmlBN5kQnyKOPKpEg/VjxN/EWoPIznmGRb/6gpbm?= =?iso-8859-1?q?Rl+xpI4AO8KirlgEHk08nIjh2gtOUHeCGO7v5/XEqMFlEAhOA2WYfL99rWpt?= =?iso-8859-1?q?sc404RWdWNU5TYm66RnhbwaJ7UzXXr3/zClXeT6b0+FXlqCZHLCFXgP8zxhE?= =?iso-8859-1?q?dNkULGAXQEkkFrofI5ScXf2Ldn//rEzmqGqD8K6hoOeFZSrRCc8cs5FNg/1k?= =?iso-8859-1?q?3BPzdMOsOkFNybnHtpNFmJGDf/0tNia6NLDukaWjSXnD+aJlTjeJX6K+mFTK?= =?iso-8859-1?q?slR3i/iGV9Xqf7YaZDopWE/mRqbCAzYAaAEw+YHs34ZL7ZHynqKQcQlKiNVu?= =?iso-8859-1?q?bgxBBd9fXP1dN3+Jww9VCDlNZVdlFoWfvOm7AHivXSIrLSwQwmC5lBUfhqWL?= =?iso-8859-1?q?z35IUZhi2YXo+b4fyrmGrU2YHaEOW9JVOK6zshBc1HkeaRuU34Hf9NqmE2jG?= =?iso-8859-1?q?hsE1kN+z+CLsI5MWlvEn8mPlyG5ge5x3mP+DlLmKIBmdlTeruBwHYKON916+?= =?iso-8859-1?q?LR/KjkALvumPpEUmK6Fc+555NBNEgatd6wDea+jp9gOLwXKn9kX7zzNrHBLc?= =?iso-8859-1?q?29pxNR3cS6tUGrdR7WQACcNJpmWuN76JTXqU9D3sjTQ702c8UAqFf8Uu7y9A?= =?iso-8859-1?q?6ppQPH2L+8/o61gxbY3/9v5XMnrF5Sfpii8RHRZuvyov0rseciBOVIX0q+Dp?= =?iso-8859-1?q?zpH6YxsLf55LNlaUtOuTyjcf5KD5L/TY8SyS8T6Pu7gZ8sRfyBREOmJQG++?= MIME-Version: 1.0 X-OriginatorOrg: wdc.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR04MB7158.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 86975a09-efc9-406a-fda9-08d924d8c4f0 X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Jun 2021 08:39:25.9642 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: b61c8803-16f3-4c35-9b17-6f65f441df86 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: jM3vC04ByR1H9a6zZa8nv1297ndDm9Q0nunnKOQtVqu74pzWbVgE+PdviZjHDs0MVtouyG9UJds+t1aWDVkmhA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR04MB7317 Precedence: bulk List-ID: X-Mailing-List: linux-block@vger.kernel.org From: Niklas Cassel Performing a BLKREPORTZONE operation should be allowed under the same permissions as read(). (read() does not require CAP_SYS_ADMIN). Remove the CAP_SYS_ADMIN requirement, and instead check that the fd was successfully opened with FMODE_READ. This way BLKREPORTZONE will match the access control requirement of read(). Fixes: 3ed05a987e0f ("blk-zoned: implement ioctls") Signed-off-by: Niklas Cassel Reviewed-by: Damien Le Moal Cc: stable@vger.kernel.org # v4.10+ --- Changes since v1: - Pick up tag from Damien. - Add fixes tag and CC stable. block/blk-zoned.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/block/blk-zoned.c b/block/blk-zoned.c index 0789e6e9f7db..e05fe8dbb06d 100644 --- a/block/blk-zoned.c +++ b/block/blk-zoned.c @@ -288,8 +288,8 @@ int blkdev_report_zones_ioctl(struct block_device *bdev, fmode_t mode, if (!blk_queue_is_zoned(q)) return -ENOTTY; - if (!capable(CAP_SYS_ADMIN)) - return -EACCES; + if (!(mode & FMODE_READ)) + return -EBADF; if (copy_from_user(&rep, argp, sizeof(struct blk_zone_report))) return -EFAULT;