From de139a3393958c5adc75b7df7619d7e48d9ea559 Mon Sep 17 00:00:00 2001 From: Chris Wright Date: Thu, 13 May 2010 10:43:07 -0700 Subject: [PATCH] pci: check caps from sysfs file open to read device dependent config space The PCI config space bin_attr read handler has a hardcoded CAP_SYS_ADMIN check to verify privileges before allowing a user to read device dependent config space. This is meant to protect from an unprivileged user potentially locking up the box. When assigning a PCI device directly to a guest with libvirt and KVM, the sysfs config space file is chown'd to the unprivileged user that the KVM guest will run as. The guest needs to have full access to the device's config space since it's responsible for driving the device. However, despite being the owner of the sysfs file, the CAP_SYS_ADMIN check will not allow read access beyond the config header. With this patch we check privileges against the capabilities used when openining the sysfs file. The allows a privileged process to open the file and hand it to an unprivileged process, and the unprivileged process can still read all of the config space. Signed-off-by: Chris Wright Acked-by: Jesse Barnes Cc: Alan Cox Signed-off-by: Greg Kroah-Hartman --- drivers/pci/pci-sysfs.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c index ad44557e65c4..6309c5a2528f 100644 --- a/drivers/pci/pci-sysfs.c +++ b/drivers/pci/pci-sysfs.c @@ -21,6 +21,7 @@ #include #include #include +#include #include #include #include @@ -367,7 +368,7 @@ pci_read_config(struct file *filp, struct kobject *kobj, u8 *data = (u8*) buf; /* Several chips lock up trying to read undefined config space */ - if (capable(CAP_SYS_ADMIN)) { + if (cap_raised(filp->f_cred->cap_effective, CAP_SYS_ADMIN)) { size = dev->cfg_size; } else if (dev->hdr_type == PCI_HEADER_TYPE_CARDBUS) { size = 128; -- 2.34.1