• C
    pci: check caps from sysfs file open to read device dependent config space · de139a33
    Chris Wright 提交于
    The PCI config space bin_attr read handler has a hardcoded CAP_SYS_ADMIN
    check to verify privileges before allowing a user to read device
    dependent config space.  This is meant to protect from an unprivileged
    user potentially locking up the box.
    
    When assigning a PCI device directly to a guest with libvirt and KVM,
    the sysfs config space file is chown'd to the unprivileged user that
    the KVM guest will run as.  The guest needs to have full access to the
    device's config space since it's responsible for driving the device.
    However, despite being the owner of the sysfs file, the CAP_SYS_ADMIN
    check will not allow read access beyond the config header.
    
    With this patch we check privileges against the capabilities used when
    openining the sysfs file.  The allows a privileged process to open the
    file and hand it to an unprivileged process, and the unprivileged process
    can still read all of the config space.
    Signed-off-by: NChris Wright <chrisw@sous-sol.org>
    Acked-by: NJesse Barnes <jbarnes@virtuousgeek.org>
    Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
    Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
    de139a33
pci-sysfs.c 29.6 KB