Date: Wed, 03 Mar 2021 17:25:48 +0100
From: Michael Walle
To: Richard Weinberger
Cc: linux-mtd, linux-kernel, Miquel Raynal, Vignesh Raghavendra, Greg Kroah-Hartman
Subject: Re: [PATCH] mtd: require write permissions for locking and badblock ioctls
In-Reply-To: <689194005.42755.1614788236355.JavaMail.zimbra@nod.at>
References: <20210303155735.25887-1-michael@walle.cc> <689194005.42755.1614788236355.JavaMail.zimbra@nod.at>
Message-ID: <040cf2058fe4cf5e63dbff534582881a@walle.cc>

On 2021-03-03 17:17, Richard Weinberger wrote:
> Michael,
>
> ----- Original Message -----
>> From: "Greg Kroah-Hartman"
>> To: "Michael Walle"
>> CC: "linux-mtd", "linux-kernel", "Miquel Raynal", "richard", "Vignesh Raghavendra"
>> Sent: Wednesday, 3 March 2021 17:08:56
>> Subject: Re: [PATCH] mtd: require write permissions for locking and badblock ioctls
>
>> On Wed, Mar 03, 2021 at 04:57:35PM +0100, Michael Walle wrote:
>>> MEMLOCK, MEMUNLOCK and OTPLOCK modify protection bits. Thus require
>>> write permission. Depending on the hardware MEMLOCK might even be
>>> write-once, e.g. for SPI-NOR flashes with their WP# tied to GND.
>>> OTPLOCK is always write-once.
>>>
>>> MEMSETBADBLOCK modifies the bad block table.
>>>
>>> Fixes: f7e6b19bc764 ("mtd: properly check all write ioctls for permissions")
>>> Signed-off-by: Michael Walle
>>> ---
>>> drivers/mtd/mtdchar.c | 8 ++++----
>>> 1 file changed, 4 insertions(+), 4 deletions(-)
>>
>> Thanks for auditing the rest of these from my original patch. If this
>> is ok with userspace tools, it's fine with me, but I don't even have
>> this hardware to test with :)
>
> That's my fear. Michael, did you verify?

I don't know any tools except the mtd-utils. So no.

> In general you need to be root to open these device files.
> So, I don't see a security problem here.

Then this begs the question, why is this check there in the first place?
This came up because I was adding an OTPERASE, which it was suggested was a
"dangerous" command. So I was puzzled why the ones above are considered
"safe" ;)

-michael
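
The file-mode gate this thread is about, as an added C model that is not part of the original mail and is not the kernel's code: it compares which state-altering commands a read-only descriptor can reach with the four commands in the "safe" group versus requiring write permission. The enum values are local stand-ins rather than real ioctl numbers, and the treatment of MEMGETINFO, MEMERASE and unlisted commands is an assumption of the model.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

/* Local stand-ins for MTD ioctl commands; NOT the real ioctl numbers. */
enum mtd_cmd { CMD_MEMGETINFO, CMD_MEMERASE, CMD_MEMLOCK, CMD_MEMUNLOCK,
               CMD_OTPLOCK, CMD_MEMSETBADBLOCK, CMD_UNKNOWN };

/* The four commands the patch description says alter persistent state. */
static bool alters_state(int cmd)
{
    return cmd == CMD_MEMLOCK || cmd == CMD_MEMUNLOCK ||      /* protection bits */
           cmd == CMD_OTPLOCK || cmd == CMD_MEMSETBADBLOCK;   /* OTP lock, BBT */
}

/*
 * Model of the gate. writable: the descriptor was opened for writing.
 * patched: false = the four commands are treated as "safe",
 *          true  = they require write permission, as the patch title says.
 * Returns 0 when the command may proceed, else a negative errno.
 */
int mtd_gate(int cmd, bool writable, bool patched)
{
    if (alters_state(cmd))      /* the four commands the patch covers */
        return (patched && !writable) ? -EPERM : 0;
    switch (cmd) {
    case CMD_MEMGETINFO: return 0;                       /* assumed pure query */
    case CMD_MEMERASE:   return writable ? 0 : -EPERM;   /* assumed already gated */
    default:             return -ENOTTY;                 /* assumed: unlisted refused */
    }
}

/* How many state-altering commands a read-only descriptor can still reach. */
int readonly_exposure(bool patched)
{
    int n = 0;
    for (int cmd = 0; cmd < CMD_UNKNOWN; cmd++)
        if (alters_state(cmd) && mtd_gate(cmd, false, patched) == 0)
            n++;
    return n;
}

int main(void)
{
    printf("before=%d after=%d\n", readonly_exposure(false), readonly_exposure(true));
    return 0;
}
```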