| From 4cb8c9522603afbfd189c2d6e1649b9432987a1a Mon Sep 17 00:00:00 2001 |
| From: Andrew Donnellan <ajd@linux.ibm.com> |
| Date: Fri, 3 May 2019 17:52:53 +1000 |
| Subject: [PATCH] powerpc/powernv: Restrict OPAL symbol map to only be readable |
| by root |
| |
| commit e7de4f7b64c23e503a8c42af98d56f2a7462bd6d upstream. |
| |
| Currently the OPAL symbol map is globally readable, which seems bad as |
| it contains physical addresses. |
| |
| Restrict it to root. |
| |
| Fixes: c8742f85125d ("powerpc/powernv: Expose OPAL firmware symbol map") |
| Cc: stable@vger.kernel.org # v3.19+ |
| Suggested-by: Michael Ellerman <mpe@ellerman.id.au> |
| Signed-off-by: Andrew Donnellan <ajd@linux.ibm.com> |
| Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> |
| Link: https://lore.kernel.org/r/20190503075253.22798-1-ajd@linux.ibm.com |
| Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com> |
| |
| diff --git a/arch/powerpc/platforms/powernv/opal.c b/arch/powerpc/platforms/powernv/opal.c |
| index 98c5d94b17fb..d2411cbd452c 100644 |
| --- a/arch/powerpc/platforms/powernv/opal.c |
| +++ b/arch/powerpc/platforms/powernv/opal.c |
| @@ -698,7 +698,10 @@ static ssize_t symbol_map_read(struct file *fp, struct kobject *kobj, |
| bin_attr->size); |
| } |
| |
| -static BIN_ATTR_RO(symbol_map, 0); |
| +static struct bin_attribute symbol_map_attr = { |
| + .attr = {.name = "symbol_map", .mode = 0400}, |
| + .read = symbol_map_read |
| +}; |
| |
| static void opal_export_symmap(void) |
| { |
| @@ -715,10 +718,10 @@ static void opal_export_symmap(void) |
| return; |
| |
| /* Setup attributes */ |
| - bin_attr_symbol_map.private = __va(be64_to_cpu(syms[0])); |
| - bin_attr_symbol_map.size = be64_to_cpu(syms[1]); |
| + symbol_map_attr.private = __va(be64_to_cpu(syms[0])); |
| + symbol_map_attr.size = be64_to_cpu(syms[1]); |
| |
| - rc = sysfs_create_bin_file(opal_kobj, &bin_attr_symbol_map); |
| + rc = sysfs_create_bin_file(opal_kobj, &symbol_map_attr); |
| if (rc) |
| pr_warn("Error %d creating OPAL symbols file\n", rc); |
| } |
| -- |
| 2.7.4 |
| |