From: Ben Hutchings
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
CC: akpm@linux-foundation.org, "Thomas Gleixner" , "Ingo Molnar" , "Greg Kroah-Hartman" , "Ard Biesheuvel" , "Matt Fleming" , "Dave Young" , "Peter Zijlstra" , linux-efi@vger.kernel.org, "Linus Torvalds" , "H. Peter Anvin"
Date: Wed, 28 Feb 2018 15:20:18 +0000
Message-ID:
X-Mailer: LinuxStableQueue (scripts by bwh)
Subject: [PATCH 3.16 061/254] efi: Move some sysfs files to be read-only by root
In-Reply-To:

3.16.55-rc1 review patch.  If anyone has any objections, please let me know.

------------------

From: Greg Kroah-Hartman

commit af97a77bc01ce49a466f9d4c0125479e2e2230b6 upstream.

Thanks to the scripts/leaking_addresses.pl script, it was found that some
EFI values should not be readable by non-root users.  So make them
root-only, and to do that, add a __ATTR_RO_MODE() macro to make this
easier, and use it in other places at the same time.

Reported-by: Linus Torvalds
Tested-by: Dave Young
Signed-off-by: Greg Kroah-Hartman
Signed-off-by: Ard Biesheuvel
Cc: H. Peter Anvin
Cc: Matt Fleming
Cc: Peter Zijlstra
Cc: Thomas Gleixner
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/20171206095010.24170-2-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar
[bwh: Backported to 3.16: drop changes in esrt.c]
Signed-off-by: Ben Hutchings
---
--- a/drivers/firmware/efi/efi.c +++ b/drivers/firmware/efi/efi.c @@ -72,8 +72,7 @@ static ssize_t systab_show(struct kobjec return str - buf; } -static struct kobj_attribute efi_attr_systab = - __ATTR(systab, 0400, systab_show, NULL); +static struct kobj_attribute efi_attr_systab = __ATTR_RO_MODE(systab, 0400); #define EFI_FIELD(var) efi.var
--- a/drivers/firmware/efi/runtime-map.c +++ b/drivers/firmware/efi/runtime-map.c @@ -67,11 +67,11 @@ static ssize_t map_attr_show(struct kobj return map_attr->show(entry, buf); } -static struct map_attribute map_type_attr = __ATTR_RO(type); -static struct map_attribute map_phys_addr_attr = __ATTR_RO(phys_addr); -static struct map_attribute map_virt_addr_attr = __ATTR_RO(virt_addr); -static struct map_attribute map_num_pages_attr = __ATTR_RO(num_pages); -static struct map_attribute map_attribute_attr = __ATTR_RO(attribute); +static struct map_attribute map_type_attr = __ATTR_RO_MODE(type, 0400); +static struct map_attribute map_phys_addr_attr = __ATTR_RO_MODE(phys_addr, 0400); +static struct map_attribute map_virt_addr_attr = __ATTR_RO_MODE(virt_addr, 0400); +static struct map_attribute map_num_pages_attr = __ATTR_RO_MODE(num_pages, 0400); +static struct map_attribute map_attribute_attr = __ATTR_RO_MODE(attribute, 0400); /* * These are default attributes that are added for every memmap entry. --- a/include/linux/sysfs.h +++ b/include/linux/sysfs.h @@ -82,6 +82,12 @@ struct attribute_group { .show = _name##_show, \ } +#define __ATTR_RO_MODE(_name, _mode) { \ + .attr = { .name = __stringify(_name), \ + .mode = VERIFY_OCTAL_PERMISSIONS(_mode) }, \ + .show = _name##_show, \ +} + #define __ATTR_WO(_name) { \ .attr = { .name = __stringify(_name), .mode = S_IWUSR }, \ .store = _name##_store, \
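Review bot: the efi.c hunk changes no permission at all: efi_attr_systab was already 0400 through __ATTR(systab, 0400, systab_show, NULL), and the rewrite to __ATTR_RO_MODE(systab, 0400) is pure cleanup. Because this is queued for stable as a hardening fix, the commit message or the [bwh: ...] backport note should say that in 3.16 only the runtime-map attributes actually change mode, so stable reviewers do not go looking for an efi.c behaviour change that is not there.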
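Review bot: the runtime-map.c hunk takes all five per-entry attributes (type, phys_addr, virt_addr, num_pages, attribute) from __ATTR_RO to 0400, which is a user-visible change for unprivileged readers of the runtime-map entries, yet only virt_addr (and arguably phys_addr) carries the address values the commit message is about; type, num_pages and attribute leak nothing by themselves. Restricting the whole entry is a defensible choice, but the message should state that all five are being locked down as a group and why, and if the 3.16 tree carries a Documentation/ABI entry for runtime-map it should be updated to say the files are now root-only.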
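Review bot: in the sysfs.h hunk, __ATTR_RO_MODE sets only .attr and .show and never .store, but nothing in the macro rejects write bits in _mode, so __ATTR_RO_MODE(foo, 0600) compiles and produces a file that advertises write permission with no store handler behind it. Consider a build-time check in the mode expression, e.g. `.mode = VERIFY_OCTAL_PERMISSIONS(_mode) | BUILD_BUG_ON_ZERO((_mode) & 0222) },`, or at least a comment above the macro saying _mode must be read-only, mirroring how __ATTR_WO just below hard-codes S_IWUSR rather than taking a caller-supplied mode. Separately, since this is a 3.16 backport and the patch uses VERIFY_OCTAL_PERMISSIONS without introducing it, confirm the 3.16 tree already provides that macro before merging.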
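As an added example that is not part of this patch or of the kernel tree, the shell script below does the kind of audit the commit message credits to scripts/leaking_addresses.pl, narrowed to one question: which regular files under a sysfs-like tree are readable by "other" and hold a value shaped like an x86_64 kernel virtual address. Everything in it is my own construction: the audit_leaks and make_fixture names, the address pattern (ffff followed by twelve lowercase hex digits, with or without a 0x prefix), and the fixture directory, which mimics one runtime-map entry at the pre-patch 0444 mode and one at the post-patch 0400 mode. On a live machine it is meant to be pointed at /sys/firmware/efi.

```shell
#!/bin/sh
# Added example, not code from the patch or from the kernel tree.
# Lists world-readable files under a sysfs-like tree whose contents look
# like an x86_64 kernel virtual address. Assumed address shape: "ffff"
# followed by twelve hex digits, optionally prefixed with "0x"; the kernel
# prints %lx values in lowercase, so the pattern is lowercase only.
#
# Usage: sh audit.sh /sys/firmware/efi

# audit_leaks DIR: print paths (relative to DIR) of regular files that are
# readable by "other" (mode bit 0004) and contain an address-looking value,
# one per line, sorted. The mode test is on the file's bits, so the result
# is the same whether or not the script itself runs as root.
audit_leaks() {
    dir=$1
    (cd "$dir" && find . -type f -perm -004 2>/dev/null) | sort |
    while read -r f; do
        if grep -Eq '(^|[^0-9a-fA-F])(0x)?ffff[0-9a-f]{12}([^0-9a-fA-F]|$)' "$dir/$f" 2>/dev/null; then
            printf '%s\n' "${f#./}"
        fi
    done
}

# make_fixture: build a constructed directory tree that imitates
# /sys/firmware/efi before and after the patch, and print its path.
# Entry 0 uses the old 0444 mode, entry 1 the new 0400 mode; entry 2 is a
# world-readable value without the 0x prefix. The caller removes the tree.
make_fixture() {
    root=$(mktemp -d)
    mkdir -p "$root/runtime-map/0" "$root/runtime-map/1" "$root/runtime-map/2"
    # Entry 0: pre-patch modes; virt_addr is a kernel address -> reported.
    printf '0xfffffffeff000000\n' > "$root/runtime-map/0/virt_addr"
    printf '0x7f8e4000\n'         > "$root/runtime-map/0/phys_addr"
    printf '11\n'                 > "$root/runtime-map/0/type"
    chmod 0444 "$root/runtime-map/0"/*
    # Entry 1: post-patch mode; same kind of content but root-only -> not reported.
    printf '0xffffffffffe00000\n' > "$root/runtime-map/1/virt_addr"
    chmod 0400 "$root/runtime-map/1/virt_addr"
    # Entry 2: world-readable address without the 0x prefix -> reported.
    printf 'ffff880000000000\n' > "$root/runtime-map/2/virt_addr"
    chmod 0444 "$root/runtime-map/2/virt_addr"
    # systab was already 0400 before the patch and holds physical addresses.
    printf 'ACPI20=0x7f8fe000\nSMBIOS=0x7f8fd000\n' > "$root/systab"
    chmod 0400 "$root/systab"
    printf '%s\n' "$root"
}

if [ "$#" -eq 1 ]; then
    audit_leaks "$1"
fi
```

Against the fixture, only runtime-map/0/virt_addr and runtime-map/2/virt_addr are reported: the 0400 entry is skipped by the permission test before its contents are ever read, and phys_addr, type and systab are readable but do not match the address shape. The check is deliberately mode-based rather than "try to read as an unprivileged user", so it can be run as root over a real /sys/firmware/efi and still answer what a non-root process could see.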