Linux Disabling Raw Access To Floppy Disks "FDRAWCMD" By Default

Written by Michael Larabel in Hardware on 27 April 2022 at 01:49 PM EDT. 5 Comments
HARDWARE
It's been a rough year for floppy disk support on Linux and goes to show the state of seldom maintained to unmaintained code.

Earlier this year the Linux floppy disk driver in the 5.17 kernel saw a fix to avoid hanging if trying to read and then eject a broken floppy. Last year was also a Linux floppy fix for a regression that had been around for a half-year before being noticed.

The latest floppy pain is a concurrency use-after-free issue being uncovered within the floppy code when using its raw command ioctl (FDRAWCMD). The FDRAWCMD ioctl is used for sending raw commands to the floppy disk controller. This can be used for dealing with non-standard disks, interacting with copy-protected disks, and other non-standard usage.

This use-after-free vulnerability it turns out has been known for years from previous reports and Kernel Address Sanitizer detection. But not many people care about the floppy disk driver these days. Given the FDRAWCMD is just used for non-standard use-cases, the easiest fix is just disabling that interface by default.

Willy Tarreau commented, "The problem is, this driver tends to break very easily and nowadays, nobody is expected to use FDRAWCMD anyway since it was used to manipulate non-standard formats. The risk of breaking the driver is higher than the risk presented by this race, and accessing the device requires privileges anyway."


So added today to Linux Git is now BLK_DEV_FD_RAWCMD that by default keeps this ioctl disabled unless you need to send raw floppy disk commands in 2022 to your floppy disk controller in which case you can enable it. The ioctl is being considered deprecated and will be removed outright in the future.

This change due to being security in nature was merged today to mainline for Linux 5.18.
5 Comments
Related News
Updated Dasharo Firmware Pulls In Raptor Lake Instability Fix, Other Enhancements
IBM Deprecating Linux Drivers For CXL Coherent Accelerators & CAPI Flash
Linux Preps For Kunpeng ARM Server SoC With High Bandwidth Memory
Improved USB4 Debugging Support With Linux 6.13
FSF "Excited" For 802.11n WiFi USB Adapter Costing €50 In 2024 Holiday Shopping Guide
Granular Power Savings Patches Posted For Common "uvcvideo" Linux Webcam Driver
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts
Linus Torvalds Comes Out Against "Completely Broken" x86_64 Feature Levels
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
COSMIC Alpha 4 Released For System76's Rust-Based Desktop
Rustls Multi-Threaded Performance Is Battering OpenSSL
Fedora 42 Aims To Enhance The Windows Subsystem For Linux Experience
KDE Starts December By Landing A Number Of New Features
Linux 6.12 Officially Promoted To Being An LTS Kernel