Some ACMDs might actually damage the card.  This check ensures the
caller has CAP_SYS_ADMIN before allowing such an activity.

Signed-off-by: John Calixto <[email protected]>
---
 drivers/mmc/card/block.c |   29 +++++++++++++++++++++++++++++
 1 files changed, 29 insertions(+), 0 deletions(-)

diff --git a/drivers/mmc/card/block.c b/drivers/mmc/card/block.c
index c2e107c..2ed8c57 100644
--- a/drivers/mmc/card/block.c
+++ b/drivers/mmc/card/block.c
@@ -31,6 +31,7 @@
 #include <linux/mutex.h>
 #include <linux/scatterlist.h>
 #include <linux/string_helpers.h>
+#include <linux/capability.h>
 #include <linux/compat.h>
 #include <linux/delay.h>
 
@@ -205,6 +206,34 @@ static int mmc_blk_ioctl_acmd(struct block_device *bdev,
                goto acmd_done;
        }
 
+       /*
+        * The following ACMDs are known to be nondestructive.  They are used
+        * by SD security applications (ref: SD Specifications, Part 1,
+        * Physical Layer Simplified Specification, Version 3.01, Table 4-27).
+        * Any other commands require CAP_SYS_ADMIN because they may destroy
+        * the card.
+        */
+       switch (sdic.opcode) {
+       case SD_APP_SD_STATUS:
+       case 18:
+       case 25:
+       case 26:
+       case 38:
+       case 43:
+       case 44:
+       case 45:
+       case 46:
+       case 47:
+       case 48:
+       case 49:
+               break;
+       default:
+               if (!capable(CAP_SYS_ADMIN)) {
+                       err = -EPERM;
+                       goto acmd_done;
+               }
+       }
+
        cmd.opcode = sdic.opcode;
        cmd.arg = sdic.arg;
        cmd.flags = sdic.flags;
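Review bot: The allow-list in the `switch (sdic.opcode)` is written as bare literals (`case 18:` through `case 49:`), so a reader cannot check the "known to be nondestructive" claim in the comment without opening the SD specification. Each case should carry its command name, e.g. `case 38: /* ACMD38: <name per Table 4-27> */`, or use named constants next to `SD_APP_SD_STATUS`. As far as I recall the SD security command set, several of these (25, 26 and 38) are write or erase operations on the protected area; if that is right, either the comment should say "do not damage the card" rather than "nondestructive", or those opcodes should move under the `capable(CAP_SYS_ADMIN)` branch. The gate also looks only at the opcode: right after the switch, `cmd.arg` and `cmd.flags` are copied from the user-supplied `sdic` unchanged, including for unprivileged callers, so it is worth confirming that user-chosen flags are safe on that path. The `default:` arm should end with an explicit `break;`, and mmc_blk_ioctl_acmd continues outside this hunk.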
-- 
1.7.4.1