From patchwork Mon Aug 9 09:50:20 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Niklas Cassel X-Patchwork-Id: 12426121 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 09465C43214 for ; Mon, 9 Aug 2021 09:50:31 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id E39AB61053 for ; Mon, 9 Aug 2021 09:50:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234723AbhHIJut (ORCPT ); Mon, 9 Aug 2021 05:50:49 -0400 Received: from esa6.hgst.iphmx.com ([216.71.154.45]:58993 "EHLO esa6.hgst.iphmx.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233194AbhHIJuq (ORCPT ); Mon, 9 Aug 2021 05:50:46 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=wdc.com; i=@wdc.com; q=dns/txt; s=dkim.wdc.com; t=1628502627; x=1660038627; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=vu6oQ8Xam24dhOX8kVoN1pC4n5WN3eQJ/ZQYm/9zUEs=; b=mSMzzVBZGl8djG50BNNqxWSvAOO1uu4+j1HxWMj5rDYTQnPiJAfEsbbj DieA8B7PWZjj4kq9rP8sX1IS3myfObjlTARjm9qDMqJu1r/E6lHch4lUe 4L0TPt0ix5vcvmv9VmZVOBW8rCM992TFypPPOHghyQea1V3XvBSpebu+B P3zZu6TsqLl6QEFurUzSjNUH8d6lY62yecOZyeBQ/os07aSrIyirp9OJp rLYSz6PnmKm36hcwDNnIDQl6ORQiBIoCCvUdyBKo1wo++hq9fJvYphIyK 3VULSdyKCBZ5XQsSryxvywc+Za4dnWxkU9mp7mKO7qnXQwXN8o90e7Svm A==; X-IronPort-AV: E=Sophos;i="5.84,307,1620662400"; d="scan'208";a="177231219" Received: from mail-dm6nam12lp2171.outbound.protection.outlook.com (HELO NAM12-DM6-obe.outbound.protection.outlook.com) ([104.47.59.171]) by ob1.hgst.iphmx.com with ESMTP; 09 Aug 2021 17:50:26 +0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=DnMCLNnNlsT/X3I0MzWAOJxm5Z0COHqVUTCnhA59Wi+DIP8XE9bDQzZCs7r5u/MK3nqf8oLQ7j4Szoo5bVvF8mDjQgCUCPsBRP+V14BdlUs4c/38Q2e4hBJdfmQfJAj4Tp4DheWqI41d9IPO8/Mt6Xo/wwlhRRVZhc9om1pjCir1o5n50bsZPVWVYyxHdEPWgAnBocH4L3VXGT9vi+pII1wCJdoIv5TSnKj2GC3EQZMyRFLsoRXz56u66U6ttHcd35QlZysRjWjQyNISYQqbfyNu9eOnUZgsTZDW8snxlOweCKLuUaDTwvCYQ9nBsDUmB0OLser12swzcrIny23yvg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7W6QQkZ4HHcVc7lTzUAvNrVwYMDyWD0Wi/6hWRVQAzI=; b=ltC0zbWz75OOaq5hLPLb59c7XJextdOuthqJKBiWi6yA1X9QDCGKQmWzRyQX+BB6Y89Nmjc8yG83MrCosnwca9+swVuYxADJ14ufUmLL0h6fB0zcDwBbbxOgSgXcgk0EwHIk7ouJQA36DBIJNXmOjXs7lF7vz9YF9M58fv5cwZIL61OOtbN2Fic7fgw6kW376zANqrG25oSU6cHtI0puLdIZqlLHR9FylD4RZd5+1c8aRwJFh9rnlMnyOGEglB17M4vVhElYb0/8r+p0bmb2ZLHm+N72trx0Br7rSYeTBvDowP5oTZQPctC/QcUtXtiW81A4oryQtUB9MPGVonAuZw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=wdc.com; dmarc=pass action=none header.from=wdc.com; dkim=pass header.d=wdc.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sharedspace.onmicrosoft.com; s=selector2-sharedspace-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7W6QQkZ4HHcVc7lTzUAvNrVwYMDyWD0Wi/6hWRVQAzI=; b=c2rq2Od6o5S/1qjqH/R7FnCN8sEadsblbFDOjHO3/Eq8Eb1dmZyDlPVws0VsUZdRDNKWaHEPRmrdJvBupM6N8eccNa6WJwesEL1/zEjHYThuEKF6j30UFhqbILjF81AODWYcBhIO/BwM71kgL/K3nwiYnCTkrTCpJfyxDnPg2cE= Received: from PH0PR04MB7158.namprd04.prod.outlook.com (2603:10b6:510:8::18) by PH0PR04MB7558.namprd04.prod.outlook.com (2603:10b6:510:54::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4394.21; Mon, 9 Aug 2021 09:50:23 +0000 Received: from PH0PR04MB7158.namprd04.prod.outlook.com ([fe80::ad69:c016:10d5:a3e9]) by PH0PR04MB7158.namprd04.prod.outlook.com ([fe80::ad69:c016:10d5:a3e9%7]) with mapi id 15.20.4394.023; Mon, 9 Aug 2021 09:50:23 +0000 From: Niklas Cassel To: Jens Axboe , Hannes Reinecke , "Martin K. Petersen" , Shaun Tancheff , Damien Le Moal CC: Damien Le Moal , Niklas Cassel , Aravind Ramesh , Adam Manzanares , Himanshu Madhani , "stable@vger.kernel.org" , Jens Axboe , "linux-block@vger.kernel.org" , "linux-kernel@vger.kernel.org" Subject: [PATCH v4 1/2] blk-zoned: allow zone management send operations without CAP_SYS_ADMIN Thread-Topic: [PATCH v4 1/2] blk-zoned: allow zone management send operations without CAP_SYS_ADMIN Thread-Index: AQHXjQP30Hf+JHmZnUepZZSsUIhsww== Date: Mon, 9 Aug 2021 09:50:20 +0000 Message-ID: <20210809094855.6226-2-Niklas.Cassel@wdc.com> References: <20210809094855.6226-1-Niklas.Cassel@wdc.com> In-Reply-To: <20210809094855.6226-1-Niklas.Cassel@wdc.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-mailer: git-send-email 2.31.1 authentication-results: kernel.dk; dkim=none (message not signed) header.d=none;kernel.dk; dmarc=none action=none header.from=wdc.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: f1fa41ba-84a1-410b-aeae-08d95b1b1bd4 x-ms-traffictypediagnostic: PH0PR04MB7558: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: wdcipoutbound: EOP-TRUE x-ms-oob-tlc-oobclassifiers: OLM:8273; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: pxB4NvfTXYnTcBvJTcy/5UUu4t1KDMxhSnHpcoheBzjzhcS0r6L3HAExfnyQKPEe2c8AhB5fCv8MXe+EaRSRNkL707TfmIqd37DhvCB+obGKdLDEKC9HbM4/IF+v/HpXkpJY0qj8+ONIFuPWGClHpK3LwHdpSMKzXAoYTSDnoxMIkx5rGwatWNTjLk/qJDmXE8/k9tdpS9IPMeQ8xgwzmq0pAGWD1KuCGVDCRS/wMx4vvdfLPAB0u0BDF9tHHNNRMChTSa4iVNUQZyQi3X4mjOqiL53LLsPEXFUa85PIrcxKgz5XoSckMc1tFUm/dkb8dkHDFKRBvlviuycROVTRbIasBTEzX++YABzDvg9uDmOqqUphjR34+O6jC6kYbNZnS2s+NL+nvvacn2sTWpIhzBnT4kPi3z3dC8tE+Sdjyq0JBCGFMD8DQo2UUY7D+dggWBoqeioh0mA3/zEZRbOhbbA1oWjLd7ShZSvujZ9Kneggqs1v/pFCXFszRJ8/JAD2OfJk2Nk9FMVTXIYd99LbjwrSDDIuvNVdAeYfKlJo8c/Rk4hsHdp5pEi83ruc5L2om6ulVkNGIAErbKjMjxJ5IjRN9NlkihJ1/Kt6lnXk5jq6qFHgD0ru9uonmBeAWJuXB2pOlzZyGv6+HLtpGmpl5BVtsV2C+gXi6N5QZs26XZnD7CbhkDzb3ECTJJGb980nX9W/yNKA+94PMXBXOUiPnw== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR04MB7158.namprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(136003)(346002)(366004)(396003)(376002)(39860400002)(2616005)(38070700005)(7416002)(2906002)(6636002)(6506007)(8676002)(1076003)(91956017)(76116006)(122000001)(186003)(26005)(38100700002)(8936002)(6512007)(4326008)(71200400001)(83380400001)(86362001)(66446008)(66946007)(66556008)(66476007)(478600001)(64756008)(6486002)(5660300002)(110136005)(54906003)(36756003)(316002);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?q?hM+Zm1F1noi90Pb5IyA5SXG?= =?iso-8859-1?q?gX5CIqkcnmCOw1slsEACP+aPCxi04Nfd9sZyB96ct5OEELz7a7cKRs4DNbY8?= =?iso-8859-1?q?b7VX6vbl232ndWQguK8P6kNEQD2qwdcQOlGiUontVwG6Rh1TreKlAV6zpRBy?= =?iso-8859-1?q?Izej3w733L2QtDjbCznBdNzNZnjqYGPGF8+dfcS11wNo8g3iLXyUZi64nPT5?= =?iso-8859-1?q?NA0B6X79Ka76TEs4vLtxb+bKkunhTxQEO13VpM4SmEMNpXtazB7t0/CUYNl9?= =?iso-8859-1?q?ikTRVzD4bhZanri+pachprx9PB+JSENvMsm9nFKQr4A4+Ies9j3om1U0Yfg0?= =?iso-8859-1?q?EhbNez0QcNlQc0rhGYNKsbP0YxGIf7HzNOaYGzXhGtOgKVB6j3O5SxbJFeiC?= =?iso-8859-1?q?vAEG9V6SC7PBIkXSMoRzI3MuJ5J7Pt+kG6y2/Ze7T1rzA2C70pQHPm+cQ8vM?= =?iso-8859-1?q?47/dbHca4r+LCqlGRu5SKVllVWZ8zQYzKII2/AiW0IWvJ6XL4o+b/N4NufHp?= =?iso-8859-1?q?zpU3LPbveCBjrn/RPHKVsm69EUsiMeH4H6AO8umLW9FDwQ+/W/cLsps77wkp?= =?iso-8859-1?q?2B7jtrM12h6KvU/GeSRTMbAEK2vJW92Vn0enQntEsGJT2ajOYvikeOHkE/FC?= =?iso-8859-1?q?d88EfcMAqHigRrorM3vNobLGKvaWie1UnRUHD/oHzpCf08KaN7xjMCWDNJiR?= =?iso-8859-1?q?7u1VNfrRNg7bWkfbWbt85IkU+HDoZq+coZXIjvXwDiupVDNjdLpOobHcByiN?= =?iso-8859-1?q?TyCLxyBm3Yy8eIGgSRdfDwCFEUv5GZeR7DORmt5gdQ6Lp3yE3n3RA2QoKFYk?= =?iso-8859-1?q?vkAhMWNV8Za7ONjZrkOekTK7eqfn3r/WOfB2USzUBmk2gJ9VGD9ZAux11SKd?= =?iso-8859-1?q?NRtXqxRgr2uZtpRGfGRzF9g55K7yUhlsbUR/RwZ0BpQsDpjPm6AhnNtqF01e?= =?iso-8859-1?q?chwj3UfotHWLz/+JC9ops/nVbUaX3Pih9SL1ia9+W/QkmaBg3ig0NGuIBh92?= =?iso-8859-1?q?Z/R+raCcDP5OYYbE2u6riXutpf2lbXzf/MtO+2Lf1jlhwENLphzC9JtANzSY?= =?iso-8859-1?q?C0H+nJLWX/5F/zYHpHn03yzIwRsjS9LN9YS/c1NhV2p8Z7O0bsIK79PlWvce?= =?iso-8859-1?q?amupRBmL8N4mwX/Y1vyCJYWBjGStm1PHV9jwflZTwL4TQUQFRdSoYWFzm9gk?= =?iso-8859-1?q?4ePdsqJ5emogu0DJZenluv1ldPAu4h2dYl5gSn0YQJRImuB6hTbJLsm8NP/h?= =?iso-8859-1?q?0E5HIOoB1ldwbicltJdPKgX73sbH9+S1oCUTTJp+94Hly59P+9f3cGWKUyRo?= =?iso-8859-1?q?5QxTW+JEuSYgFQGf7Y88WPohQVksQAEj+MezT36kJZOQRxuv73AjciJcdVVX?= =?iso-8859-1?q?F?= MIME-Version: 1.0 X-OriginatorOrg: wdc.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR04MB7158.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: f1fa41ba-84a1-410b-aeae-08d95b1b1bd4 X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Aug 2021 09:50:20.9193 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: b61c8803-16f3-4c35-9b17-6f65f441df86 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: QK6+O1wL1IZv4BRP8C9cayZP5gTaRfWQo9UIeRe+P5paoKhNcfxx4ZeJz+lSSkBhr7ye0Fu0JqA1cXTceuHWAA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR04MB7558 Precedence: bulk List-ID: X-Mailing-List: linux-block@vger.kernel.org From: Niklas Cassel Zone management send operations (BLKRESETZONE, BLKOPENZONE, BLKCLOSEZONE and BLKFINISHZONE) should be allowed under the same permissions as write(). (write() does not require CAP_SYS_ADMIN). Additionally, other ioctls like BLKSECDISCARD and BLKZEROOUT only check if the fd was successfully opened with FMODE_WRITE. (They do not require CAP_SYS_ADMIN). Currently, zone management send operations require both CAP_SYS_ADMIN and that the fd was successfully opened with FMODE_WRITE. Remove the CAP_SYS_ADMIN requirement, so that zone management send operations match the access control requirement of write(), BLKSECDISCARD and BLKZEROOUT. Fixes: 3ed05a987e0f ("blk-zoned: implement ioctls") Signed-off-by: Niklas Cassel Reviewed-by: Damien Le Moal Reviewed-by: Aravind Ramesh Reviewed-by: Adam Manzanares Reviewed-by: Himanshu Madhani Cc: stable@vger.kernel.org # v4.10+ Reviewed-by: Johannes Thumshirn --- Changes since v3: -Picked up additional Reviewed-by tags. Note to backporter: Function was added as blkdev_reset_zones_ioctl() in v4.10. Function was renamed to blkdev_zone_mgmt_ioctl() in v5.5. The patch is valid both before and after the function rename. block/blk-zoned.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/block/blk-zoned.c b/block/blk-zoned.c index 86fce751bb17..8a60dbeb44be 100644 --- a/block/blk-zoned.c +++ b/block/blk-zoned.c @@ -421,9 +421,6 @@ int blkdev_zone_mgmt_ioctl(struct block_device *bdev, fmode_t mode, if (!blk_queue_is_zoned(q)) return -ENOTTY; - if (!capable(CAP_SYS_ADMIN)) - return -EACCES; - if (!(mode & FMODE_WRITE)) return -EBADF; From patchwork Mon Aug 9 09:50:21 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Niklas Cassel X-Patchwork-Id: 12426123 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7BB00C43216 for ; Mon, 9 Aug 2021 09:50:32 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 5FA0D6023B for ; Mon, 9 Aug 2021 09:50:32 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233194AbhHIJuu (ORCPT ); Mon, 9 Aug 2021 05:50:50 -0400 Received: from esa6.hgst.iphmx.com ([216.71.154.45]:58993 "EHLO esa6.hgst.iphmx.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233267AbhHIJus (ORCPT ); Mon, 9 Aug 2021 05:50:48 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=wdc.com; i=@wdc.com; q=dns/txt; s=dkim.wdc.com; t=1628502629; x=1660038629; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=V0eg2AndzzF5Q5EZFxjDCJAHXcseIiV4VB7KIJ+t7bw=; b=PjorLXjPWtU7OnW2LSwnetHdKczPKH8jwjv/6TiNZJpY/xugj/MTTsYh shTwVefqnmr+cJZm7Dg57wZgWAA96QPFdu5hgDSNoCtrt8ww2SK5Dw9HW eOv69xc3uGsNpRUpdxE7As2UlP5PBWB8gQqW45ewtC5BTbcqwYW1ZQafO SvPvjQHdArsG/e8KbtiiM1fRUe5OFHLop08VGrHEnyyEgs25BqKP6uT98 w9QdXrBdj97Suw51mv6UzDou0PXkRuRpOOQOKy/s+VedrKgm+kvHgwL/k U4wpTVs4DSYXhHO96L3KqV1pBibGTJR/kvyldDYsuR2s6MokNC4WXKojC A==; X-IronPort-AV: E=Sophos;i="5.84,307,1620662400"; d="scan'208";a="177231222" Received: from mail-dm6nam12lp2171.outbound.protection.outlook.com (HELO NAM12-DM6-obe.outbound.protection.outlook.com) ([104.47.59.171]) by ob1.hgst.iphmx.com with ESMTP; 09 Aug 2021 17:50:27 +0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mGb/LbmyMW320ZgaP3PScf2q2K/ZnMmTqd1pJ2RMbuG7maJgvzgLPcafTVOnMKmU+4HxyCBUR4I4O7J2W+3cv0FkxQsw0mCh1/nrLygVZkLtaLKRBK0lFBTzqMAfJLXLACyewxHSlbJQFfQtzmHrYizGm69oENhE6ONV5myW2weVqBMNG2uX7tm3K8uWpGE5thd5i0lXlRwSQBzz27S6E0MqWOF2WABa1ehuCmRaVAZ0bQHrZTUdbiEJXv6I5+t0PUsoQ1K58Hk1tRmMjunzwFCAXhYJBTmI+b0reSImhuMIJ4/oMzXspLhfe/xWlOOQDxYCi1BSC6kBxJtHEZlkPg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=wU2XoX/8tLv5nfSqOsE538TpQz/S8qDDFXkXMpdeUFg=; b=GSEikCuGqGElkyuJcfp2gc/htw1xodb5prN/6EjlF9PFBb87Wn9zGVFWySPkAOBjpGXCup8g8rVwqMReLxJJYeVnansokCktQW3OT9EjraqKBaG31gauiPVTqzdW8/yL88HhaSw6LwRajchMHp61wmAb/ZUgFsVH++2AtVUhtLEEt2OnvKbJ9SaM3avxlp6/tv4a3pmSZDxHbG50ypEfV3yyEc1TMh4a+rTCT/gbSg7x6nAB6kAUWsBhdXGONWPTuhCrk0kgsFRv/El0W0CCQaNvU2nnfhenFYy3HGlTX0T9y0peGWP1Q6ozgJqxPy5BEmU7BTg1eI1x+aAYdgmXeg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=wdc.com; dmarc=pass action=none header.from=wdc.com; dkim=pass header.d=wdc.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sharedspace.onmicrosoft.com; s=selector2-sharedspace-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=wU2XoX/8tLv5nfSqOsE538TpQz/S8qDDFXkXMpdeUFg=; b=Wm8sOH6HWnRIqn+R4n61diEH7o3psKqB5mjDUzS1zFM1lH6jILsBau1RqAwgk/oe77ImwgrrZDYUpuPc8jCS/dKKHl+XNf7N8jW/vT2Py6jsff0JeJ0tP401W426IcIHndx9PWFX6QNCfQILPjApYKn34rPkk7zs8AVskbGoBYk= Received: from PH0PR04MB7158.namprd04.prod.outlook.com (2603:10b6:510:8::18) by PH0PR04MB7558.namprd04.prod.outlook.com (2603:10b6:510:54::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4394.21; Mon, 9 Aug 2021 09:50:24 +0000 Received: from PH0PR04MB7158.namprd04.prod.outlook.com ([fe80::ad69:c016:10d5:a3e9]) by PH0PR04MB7158.namprd04.prod.outlook.com ([fe80::ad69:c016:10d5:a3e9%7]) with mapi id 15.20.4394.023; Mon, 9 Aug 2021 09:50:24 +0000 From: Niklas Cassel To: Jens Axboe , Damien Le Moal , Hannes Reinecke , Shaun Tancheff , "Martin K. Petersen" CC: Damien Le Moal , Niklas Cassel , Damien Le Moal , Aravind Ramesh , Adam Manzanares , Himanshu Madhani , "stable@vger.kernel.org" , Jens Axboe , "linux-block@vger.kernel.org" , "linux-kernel@vger.kernel.org" Subject: [PATCH v4 2/2] blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN Thread-Topic: [PATCH v4 2/2] blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN Thread-Index: AQHXjQP4aNCn2fw5YUWhEgczWRLRaw== Date: Mon, 9 Aug 2021 09:50:21 +0000 Message-ID: <20210809094855.6226-3-Niklas.Cassel@wdc.com> References: <20210809094855.6226-1-Niklas.Cassel@wdc.com> In-Reply-To: <20210809094855.6226-1-Niklas.Cassel@wdc.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-mailer: git-send-email 2.31.1 authentication-results: kernel.dk; dkim=none (message not signed) header.d=none;kernel.dk; dmarc=none action=none header.from=wdc.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 63dae971-40ef-43dd-58b7-08d95b1b1c01 x-ms-traffictypediagnostic: PH0PR04MB7558: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: wdcipoutbound: EOP-TRUE x-ms-oob-tlc-oobclassifiers: OLM:8273; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: C7723HRfUXrekXsXIhRZCpIt+vFXh/Q1gBXjgSNUgg9l6+rPOO5ACi8wjbT2rKCGrXCyazb+bPKhyaBEKz0XPFuiK77tljHT98WF2SpQ4kVvyyQTLnLqIFOwZ7oT1YdYY7ZsBL7BBotRZO44TU19n//FBk5b8TG8v7RpJ+/ReoJryFz9rn7AJThPfj7zXztC6odkL7PFH8ttU3Hlmb03yfEpy8VGNlFn8CrexP63ln/Es1iygWzyjZBUKjM2OVzZgluAAFAOOnKX5o0ch8Aj3fc4g6h1Q65J6mSZkgdVZuUjkSvEdfIlIekU/TMDTPAH1jAMRHqWijr+IrEs//nXqxTk3+7dOOx1zJYo2vxlkuAu5AUvv/bV3VPPdHs9lmmtach1xVF9H7uPHZJmn648LqpBktxHcGKcgHtYczXb50djNRRDblxs8I5AJTTLiv4ksg1vn0YgphWPdIQYsVFcUWqTq6nMhP4MOQQBUKY1eziESihBUk+MIReSM1UKV2iYkxQDF0CiF1M4ip3qzYDHId5tdZnQ8P84g8P+Bn/zrKRHW0V58WH69TJZcwxjlcTDOt+pBvprc8T+rs52AT1aTcECnfXCxroW4hmiF27JJ/x803EwuymNr6qujWTRRPf8sgFRtVA9t6ayrLzIwJAKF3Cg+7YNvyNYCXw0vW4clC1jLVi48yaDZAboML3FuZwjrZmXEppky4ejMfNj3Gf9sg== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR04MB7158.namprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(136003)(346002)(366004)(396003)(376002)(39860400002)(2616005)(38070700005)(7416002)(2906002)(6506007)(8676002)(1076003)(91956017)(76116006)(122000001)(186003)(26005)(38100700002)(8936002)(6512007)(4326008)(71200400001)(83380400001)(86362001)(66446008)(66946007)(66556008)(66476007)(6666004)(478600001)(64756008)(6486002)(5660300002)(110136005)(54906003)(36756003)(316002);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?q?jzXj/YMya20Fb4wBZpYJS4G?= =?iso-8859-1?q?yCi8wuzrcc15ZveCz1F/fDRUHSlsSiisxBwUwHAS4KBrCDeAV53xZRo/0LdK?= =?iso-8859-1?q?GApmA6BYmAeMBQuTnlls1r+LuO8hBrObzicyKD7xmBlSbDeORLS0R2v6W0RZ?= =?iso-8859-1?q?kG9+7WLNGjkCV7AeAts33fQscRqkCBfs4at+C2SxKaJgzwi1fYRwNSKDIC+T?= =?iso-8859-1?q?98UXmowSiLbC7QLhDL+GZaK+9lg1MpLKE77gmqieHsmLVO6wGknJqKPwawaS?= =?iso-8859-1?q?SjggioG0AcpqGdPyNmnBTaYAopk+/2cpEdWXkPSxpnNocqzPlsC+EsA5Q5Ur?= =?iso-8859-1?q?9JP9drZFwgxJY6rH22isVez9er5GPUpoav+hypzXGFXDRw4lzsIdpeZToPOZ?= =?iso-8859-1?q?kS1J7ndDz9byxPiDyclLv0GlLtSIFUYmxQ0vcgn7EnpjvITLlMy6u0aXA7I5?= =?iso-8859-1?q?Whwgw7VN/rPYVbGLX2jgkQRJLN6fugEhoOzFK1OvIn99j+opbLFD1ujbPs5U?= =?iso-8859-1?q?wj/T+kXdnYRfDIiQkKgpaz8Pfp9yNDKjrJBYJAXEVcUrHST1KJSoKOc0YpZA?= =?iso-8859-1?q?AOd6otU+Mm3cwhGEy1g+i1/fQXOovoewCqmFSn+lHP8E08ICgbDdDuKnLnhZ?= =?iso-8859-1?q?dPIS/hMmXbEIe9H4Cv+wsvkO35um77krE8If3U320n83HpYj0BHPrbomRlPD?= =?iso-8859-1?q?J6wIL2fG6k/6H9I7sdg/x1kgZaRH/zMQldK9HlbpIu2FUg6zAnspc1n1ShO5?= =?iso-8859-1?q?l7z0vPo2MKnhXdp4DpV7lhPaxxhpolxNVy9onOwtEyS1FcdDBrXtQn1hY9Xr?= =?iso-8859-1?q?/AHSM7HJJjYJKUalSBAmPqW8703c01coiNqW9tcI6aSS27UHxD7CI8gqFb/q?= =?iso-8859-1?q?WqaY9GYYkFMiftlmk1lvJ6jmWNBBV4SaxtwudrVj/6N8CcDWP1wyEmJHQDTR?= =?iso-8859-1?q?NbHBqr1U7wiR+Q7jf5kF+0vcG81bELY8OaCiJYSG9AmltgxI2H5oV9D66EUu?= =?iso-8859-1?q?1Nc+JpJ3uOvJYKtaLuzODBM3XLE+IqzvY137AOWrpbegJA5Mcpsl9nh9grqa?= =?iso-8859-1?q?1qKJjeK+hFR7302e+PvkPKehwpOl1dRVmITpsRS2R+L0fm19gY9bwgXohLJ+?= =?iso-8859-1?q?66OpIgUXuMtYrUkTu1db0HJ4pjzXAAp+oZ5uXX53lt4JZiLpMB+VCNCEKDnv?= =?iso-8859-1?q?IxhkiiJABWb2r10zBXrAt+UQU+c6UjpxwHqIU3iEkq6tpU1JWXf15BYayelo?= =?iso-8859-1?q?3g0NYpwOCah8M3gU3eZq3M7qQUKcA1sLs8OPXW35Q/TE48dIYYoNmIwrFzyq?= =?iso-8859-1?q?ays7Lq/CdgU6Mtw1SvGty+cFQrE7LKGHB9CypBExcP/dXHpwgPhl9oEaRgCn?= =?iso-8859-1?q?3?= MIME-Version: 1.0 X-OriginatorOrg: wdc.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR04MB7158.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 63dae971-40ef-43dd-58b7-08d95b1b1c01 X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Aug 2021 09:50:21.6700 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: b61c8803-16f3-4c35-9b17-6f65f441df86 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: pfw5d+xjd19gyHFSWcdG1Rg2pIRS1tgX/+9G6qSPPQf+Lzq3AogUPcoxk0wwysMoDsOTtj4sKzdrxAorCX3XlA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR04MB7558 Precedence: bulk List-ID: X-Mailing-List: linux-block@vger.kernel.org From: Niklas Cassel A user space process should not need the CAP_SYS_ADMIN capability set in order to perform a BLKREPORTZONE ioctl. Getting the zone report is required in order to get the write pointer. Neither read() nor write() requires CAP_SYS_ADMIN, so it is reasonable that a user space process that can read/write from/to the device, also can get the write pointer. (Since e.g. writes have to be at the write pointer.) Fixes: 3ed05a987e0f ("blk-zoned: implement ioctls") Signed-off-by: Niklas Cassel Reviewed-by: Damien Le Moal Reviewed-by: Aravind Ramesh Reviewed-by: Adam Manzanares Reviewed-by: Himanshu Madhani Cc: stable@vger.kernel.org # v4.10+ Reviewed-by: Johannes Thumshirn --- Changes since v3: -Picked up additional Reviewed-by tags. block/blk-zoned.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/block/blk-zoned.c b/block/blk-zoned.c index 8a60dbeb44be..1d0c76c18fc5 100644 --- a/block/blk-zoned.c +++ b/block/blk-zoned.c @@ -360,9 +360,6 @@ int blkdev_report_zones_ioctl(struct block_device *bdev, fmode_t mode, if (!blk_queue_is_zoned(q)) return -ENOTTY; - if (!capable(CAP_SYS_ADMIN)) - return -EACCES; - if (copy_from_user(&rep, argp, sizeof(struct blk_zone_report))) return -EFAULT;