tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: pass-through linux ioctl for mfi(4)



On Sun, Sep 16, 2012 at 10:43:40AM -0400, Thor Lancelot Simon wrote:
> On Sun, Sep 16, 2012 at 03:23:22PM +0200, Manuel Bouyer wrote:
> > Hello,
> > the attached patch adds a pass-through ioctl interface, with the
> > necessery linux compat code, for mfi(4). This allows to run the
> > linux binary of the MegaCLI tool provided by LSI logic.
> 
> This ioctl is extremely dangerous.  The driver passes the command
> to the device firmware with no parsing or access control of any
> kind.  Are we really sure we want to support this?  It is a
> truly gaping security hole.

Yes, of course it's a risk. We support a similar ioctl for other drivers,
e.g. amr(4). the pass-through for scsi(4) and ata(4) devices could
probably do something similar too.
But the this controller is much less usefull without management tool
(there's no much point in having hot-plug hardware if you have to reboot
and enter firmware when you unplug/replug).

I'd expect the kauth call to dissalow this at securelevel 1 or above
(this is a cut-n-paste from amr(4)).

-- 
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
     NetBSD: 26 ans d'experience feront toujours la difference
--


Home | Main Index | Thread Index | Old Index