| From 949dd0104c496fa7c14991a23c03c62e44637e71 Mon Sep 17 00:00:00 2001 |
| From: Len Brown <len.brown@intel.com> |
| Date: Tue, 10 Nov 2020 13:00:00 -0800 |
| Subject: powercap: restrict energy meter to root access |
| |
| From: Len Brown <len.brown@intel.com> |
| |
| commit 949dd0104c496fa7c14991a23c03c62e44637e71 upstream. |
| |
| Remove non-privileged user access to power data contained in |
| /sys/class/powercap/intel-rapl*/*/energy_uj |
| |
| Non-privileged users currently have read access to power data and can |
| use this data to form a security attack. Some privileged |
| drivers/applications need read access to this data, but don't expose it |
| to non-privileged users. |
| |
| For example, thermald uses this data to ensure that power management |
| works correctly. Thus removing non-privileged access is preferred over |
| completely disabling this power reporting capability with |
| CONFIG_INTEL_RAPL=n. |
| |
| Fixes: 95677a9a3847 ("PowerCap: Fix mode for energy counter") |
| Signed-off-by: Len Brown <len.brown@intel.com> |
| Cc: stable@vger.kernel.org |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| |
| --- |
| drivers/powercap/powercap_sys.c | 4 ++-- |
| 1 file changed, 2 insertions(+), 2 deletions(-) |
| |
| --- a/drivers/powercap/powercap_sys.c |
| +++ b/drivers/powercap/powercap_sys.c |
| @@ -379,9 +379,9 @@ static void create_power_zone_common_att |
| &dev_attr_max_energy_range_uj.attr; |
| if (power_zone->ops->get_energy_uj) { |
| if (power_zone->ops->reset_energy_uj) |
| - dev_attr_energy_uj.attr.mode = S_IWUSR | S_IRUGO; |
| + dev_attr_energy_uj.attr.mode = S_IWUSR | S_IRUSR; |
| else |
| - dev_attr_energy_uj.attr.mode = S_IRUGO; |
| + dev_attr_energy_uj.attr.mode = S_IRUSR; |
| power_zone->zone_dev_attrs[count++] = |
| &dev_attr_energy_uj.attr; |
| } |