release/5.2.22/powerpc-powernv-Restrict-OPAL-symbol-map-to-only-be-.patch - pub/scm/linux/kernel/git/paulg/longterm-queue-5.2 - Git at Google

 From 4cb8c9522603afbfd189c2d6e1649b9432987a1a Mon Sep 17 00:00:00 2001
 From: Andrew Donnellan <ajd@linux.ibm.com>
 Date: Fri, 3 May 2019 17:52:53 +1000
 Subject: [PATCH] powerpc/powernv: Restrict OPAL symbol map to only be readable
  by root

 commit e7de4f7b64c23e503a8c42af98d56f2a7462bd6d upstream.

 Currently the OPAL symbol map is globally readable, which seems bad as
 it contains physical addresses.

 Restrict it to root.

 Fixes: c8742f85125d ("powerpc/powernv: Expose OPAL firmware symbol map")
 Cc: stable@vger.kernel.org # v3.19+
 Suggested-by: Michael Ellerman <mpe@ellerman.id.au>
 Signed-off-by: Andrew Donnellan <ajd@linux.ibm.com>
 Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
 Link: https://lore.kernel.org/r/20190503075253.22798-1-ajd@linux.ibm.com
 Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>

 diff --git a/arch/powerpc/platforms/powernv/opal.c b/arch/powerpc/platforms/powernv/opal.c
 index 98c5d94b17fb..d2411cbd452c 100644
 --- a/arch/powerpc/platforms/powernv/opal.c
 +++ b/arch/powerpc/platforms/powernv/opal.c
 @@ -698,7 +698,10 @@ static ssize_t symbol_map_read(struct file *fp, struct kobject *kobj,
  				       bin_attr->size);
  }

 -static BIN_ATTR_RO(symbol_map, 0);
 +static struct bin_attribute symbol_map_attr = {
 +	.attr = {.name = "symbol_map", .mode = 0400},
 +	.read = symbol_map_read
 +};

  static void opal_export_symmap(void)
  {
 @@ -715,10 +718,10 @@ static void opal_export_symmap(void)
  		return;

  	/* Setup attributes */
 -	bin_attr_symbol_map.private = __va(be64_to_cpu(syms[0]));
 -	bin_attr_symbol_map.size = be64_to_cpu(syms[1]);
 +	symbol_map_attr.private = __va(be64_to_cpu(syms[0]));
 +	symbol_map_attr.size = be64_to_cpu(syms[1]);

 -	rc = sysfs_create_bin_file(opal_kobj, &bin_attr_symbol_map);
 +	rc = sysfs_create_bin_file(opal_kobj, &symbol_map_attr);
  	if (rc)
  		pr_warn("Error %d creating OPAL symbols file\n", rc);
  }
 --
 2.7.4
	From 4cb8c9522603afbfd189c2d6e1649b9432987a1a Mon Sep 17 00:00:00 2001
	From: Andrew Donnellan <ajd@linux.ibm.com>
	Date: Fri, 3 May 2019 17:52:53 +1000
	Subject: [PATCH] powerpc/powernv: Restrict OPAL symbol map to only be readable
	by root

	commit e7de4f7b64c23e503a8c42af98d56f2a7462bd6d upstream.

	Currently the OPAL symbol map is globally readable, which seems bad as
	it contains physical addresses.

	Restrict it to root.

	Fixes: c8742f85125d ("powerpc/powernv: Expose OPAL firmware symbol map")
	Cc: stable@vger.kernel.org # v3.19+
	Suggested-by: Michael Ellerman <mpe@ellerman.id.au>
	Signed-off-by: Andrew Donnellan <ajd@linux.ibm.com>
	Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
	Link: https://lore.kernel.org/r/20190503075253.22798-1-ajd@linux.ibm.com
	Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>

	diff --git a/arch/powerpc/platforms/powernv/opal.c b/arch/powerpc/platforms/powernv/opal.c
	index 98c5d94b17fb..d2411cbd452c 100644
	--- a/arch/powerpc/platforms/powernv/opal.c
	+++ b/arch/powerpc/platforms/powernv/opal.c
	@@ -698,7 +698,10 @@ static ssize_t symbol_map_read(struct file fp, struct kobject kobj,
	bin_attr->size);
	}

	-static BIN_ATTR_RO(symbol_map, 0);
	+static struct bin_attribute symbol_map_attr = {
	+ .attr = {.name = "symbol_map", .mode = 0400},
	+ .read = symbol_map_read
	+};

	static void opal_export_symmap(void)
	{
	@@ -715,10 +718,10 @@ static void opal_export_symmap(void)
	return;

	/* Setup attributes */
	- bin_attr_symbol_map.private = __va(be64_to_cpu(syms[0]));
	- bin_attr_symbol_map.size = be64_to_cpu(syms[1]);
	+ symbol_map_attr.private = __va(be64_to_cpu(syms[0]));
	+ symbol_map_attr.size = be64_to_cpu(syms[1]);

	- rc = sysfs_create_bin_file(opal_kobj, &bin_attr_symbol_map);
	+ rc = sysfs_create_bin_file(opal_kobj, &symbol_map_attr);
	if (rc)
	pr_warn("Error %d creating OPAL symbols file\n", rc);
	}
	--
	2.7.4