• Jay Fenlason's avatar
    firewire: prevent userspace from accessing shut down devices · 551f4cb9
    Jay Fenlason authored
    If userspace ignores the POLLERR bit from poll(), and only attempts to
    read() the device when POLLIN is set, it can still make ioctl() calls on
    a device that has been removed from the system.  The node_id and
    generation returned by GET_INFO will be outdated, but INITIATE_BUS_RESET
    would still cause a bus reset, and GET_CYCLE_TIMER will return data.
    And if you guess the correct generation to use, you can send requests to
    a different device on the bus, and get responses back.
    
    This patch prevents open, ioctl, compat_ioctl, and mmap against shutdown
    devices.
    Signed-off-by: default avatarJay Fenlason <fenlason@redhat.com>
    Signed-off-by: default avatarStefan Richter <stefanr@s5r6.in-berlin.de>
    551f4cb9
fw-cdev.c 25.4 KB