Received: by 10.223.185.116 with SMTP id b49csp6362754wrg;
        Wed, 28 Feb 2018 08:11:24 -0800 (PST)
X-Google-Smtp-Source: AH8x2267xWHS07Yw6q8h9WZV6Ll3PP96ZmGPPoI3USgg+ePsHBkddqnlixwogRWOwDytGseWN5XQ
X-Received: by 10.101.74.10 with SMTP id s10mr15027062pgq.219.1519834284584;
        Wed, 28 Feb 2018 08:11:24 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1519834284; cv=none;
        d=google.com; s=arc-20160816;
        b=sV5ft+tZKeZdAbKy7i/UenpgCKs7zuXAzoZ1VMkueZLNFzWE3ubhCTuhOL/sSPw4MM
         hhn/kOU0yoj6Pk0lccJ5sEmirabgmQkNyZ18hoGcGW2KikAdLvIWtzm5rypx0+PArCOv
         IPCqXpbxEN4BRxKZDNgy1PeMJ5OZFIg1dASt3uo01m6w8RP+N/UPH3NaptufjQzn3uk2
         VI2qRvGGrNVQaXkKeSWBbDfsSrZ9pc5Jp7E7d4FqZcPMQsMEeC0ukLAv4K+df5Jfxwci
         KkMyGHz8tSPEJdGXmTbpG5wl6Hj6kseQj3wy9DJXZXxI1wLArCrFFBwfXG60m5xIOQGe
         CBkA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:in-reply-to:subject:message-id:date:cc:to
         :from:mime-version:content-transfer-encoding:content-disposition
         :arc-authentication-results;
        bh=k3dEO0R8AN+oiztzBcJCo9ShVPK0L/x70ZgZXxlR0oc=;
        b=OxISEmIMha4vg8mvezS1Y2X0NjZqtfSKEp0ULLAMollpHjzWokBVwGtShmYeAbn7ub
         nrUo9SmB5Yijov/gaTuT7Kj8/AFPMhmRdl4vh5aJlLpB/ZdjssMj3xy6M0BDRlmHWIUd
         Dt50JasjgMvagF07/HmM9MXlMLIPKLB24s9TG5YmxB2kgnY4HdPfhtGIs5jRDnsuSppB
         0nQLD36ku0gsvEYFZDhQ6dtPkX1nOuHNVhbBRq+dX5gpjVmvpeBfwX57GqweCUc/EM2N
         n32/ji8FaWL0Xs4Ai/LOfhw1O8/up2BiERe6PSQ370tWECAb6nX8VZ/Rir25Fu2Oh+OE
         nWZQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id q8si1206923pgs.203.2018.02.28.08.11.09;
        Wed, 28 Feb 2018 08:11:24 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S934640AbeB1QI7 (ORCPT <rfc822;speed.demon0047@gmail.com>
        + 99 others); Wed, 28 Feb 2018 11:08:59 -0500
Received: from shadbolt.e.decadent.org.uk ([88.96.1.126]:34971 "EHLO
        shadbolt.e.decadent.org.uk" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S932875AbeB1QIv (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 28 Feb 2018 11:08:51 -0500
Received: from [2a02:8011:400e:2:6f00:88c8:c921:d332] (helo=deadeye)
        by shadbolt.decadent.org.uk with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
        (Exim 4.84_2)
        (envelope-from <ben@decadent.org.uk>)
        id 1er3Yg-0006Xc-Pq; Wed, 28 Feb 2018 15:22:19 +0000
Received: from ben by deadeye with local (Exim 4.90_1)
        (envelope-from <ben@decadent.org.uk>)
        id 1er3Ye-0008S7-Ry; Wed, 28 Feb 2018 15:22:16 +0000
Content-Type: text/plain; charset="UTF-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
From:   Ben Hutchings <ben@decadent.org.uk>
To:     linux-kernel@vger.kernel.org, stable@vger.kernel.org
CC:     akpm@linux-foundation.org, "Thomas Gleixner" <tglx@linutronix.de>,
        "Ingo Molnar" <mingo@kernel.org>,
        "Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
        "Ard Biesheuvel" <ard.biesheuvel@linaro.org>,
        "Matt Fleming" <matt@codeblueprint.co.uk>,
        "Dave Young" <dyoung@redhat.com>,
        "Peter Zijlstra" <peterz@infradead.org>, linux-efi@vger.kernel.org,
        "Linus Torvalds" <torvalds@linux-foundation.org>,
        "H. Peter Anvin" <hpa@zytor.com>
Date:   Wed, 28 Feb 2018 15:20:18 +0000
Message-ID: <lsq.1519831218.738032988@decadent.org.uk>
X-Mailer: LinuxStableQueue (scripts by bwh)
Subject: [PATCH 3.16 061/254] efi: Move some sysfs files to be read-only
 by root
In-Reply-To: <lsq.1519831217.271785318@decadent.org.uk>
X-SA-Exim-Connect-IP: 2a02:8011:400e:2:6f00:88c8:c921:d332
X-SA-Exim-Mail-From: ben@decadent.org.uk
X-SA-Exim-Scanned: No (on shadbolt.decadent.org.uk); SAEximRunCond expanded to false
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

3.16.55-rc1 review patch.  If anyone has any objections, please let me know.

------------------

From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

commit af97a77bc01ce49a466f9d4c0125479e2e2230b6 upstream.

Thanks to the scripts/leaking_addresses.pl script, it was found that
some EFI values should not be readable by non-root users.

So make them root-only, and to do that, add a __ATTR_RO_MODE() macro to
make this easier, and use it in other places at the same time.

Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Tested-by: Dave Young <dyoung@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/20171206095010.24170-2-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
[bwh: Backported to 3.16: drop changes in esrt.c]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
---
--- a/drivers/firmware/efi/efi.c
+++ b/drivers/firmware/efi/efi.c
@@ -72,8 +72,7 @@ static ssize_t systab_show(struct kobjec
 	return str - buf;
 }
 
-static struct kobj_attribute efi_attr_systab =
-			__ATTR(systab, 0400, systab_show, NULL);
+static struct kobj_attribute efi_attr_systab = __ATTR_RO_MODE(systab, 0400);
 
 #define EFI_FIELD(var) efi.var
 
--- a/drivers/firmware/efi/runtime-map.c
+++ b/drivers/firmware/efi/runtime-map.c
@@ -67,11 +67,11 @@ static ssize_t map_attr_show(struct kobj
 	return map_attr->show(entry, buf);
 }
 
-static struct map_attribute map_type_attr = __ATTR_RO(type);
-static struct map_attribute map_phys_addr_attr   = __ATTR_RO(phys_addr);
-static struct map_attribute map_virt_addr_attr  = __ATTR_RO(virt_addr);
-static struct map_attribute map_num_pages_attr  = __ATTR_RO(num_pages);
-static struct map_attribute map_attribute_attr  = __ATTR_RO(attribute);
+static struct map_attribute map_type_attr = __ATTR_RO_MODE(type, 0400);
+static struct map_attribute map_phys_addr_attr = __ATTR_RO_MODE(phys_addr, 0400);
+static struct map_attribute map_virt_addr_attr = __ATTR_RO_MODE(virt_addr, 0400);
+static struct map_attribute map_num_pages_attr = __ATTR_RO_MODE(num_pages, 0400);
+static struct map_attribute map_attribute_attr = __ATTR_RO_MODE(attribute, 0400);
 
 /*
  * These are default attributes that are added for every memmap entry.
--- a/include/linux/sysfs.h
+++ b/include/linux/sysfs.h
@@ -82,6 +82,12 @@ struct attribute_group {
 	.show	= _name##_show,						\
 }
 
+#define __ATTR_RO_MODE(_name, _mode) {					\
+	.attr	= { .name = __stringify(_name),				\
+		    .mode = VERIFY_OCTAL_PERMISSIONS(_mode) },		\
+	.show	= _name##_show,						\
+}
+
 #define __ATTR_WO(_name) {						\
 	.attr	= { .name = __stringify(_name), .mode = S_IWUSR },	\
 	.store	= _name##_store,					\