From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753406AbdLEKhm (ORCPT ); Tue, 5 Dec 2017 05:37:42 -0500 Received: from mail.linuxfoundation.org ([140.211.169.12]:33848 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752974AbdLEKhj (ORCPT ); Tue, 5 Dec 2017 05:37:39 -0500 Date: Tue, 5 Dec 2017 11:37:46 +0100 From: Greg Kroah-Hartman To: Ard Biesheuvel Cc: Matt Fleming , Dave Young , Linus Torvalds , "Tobin C. Harding" , LKML , "linux-efi@vger.kernel.org" Subject: Re: [PATCH] efi: move some sysfs files to be read-only by root Message-ID: <20171205103746.GA23410@kroah.com> References: <20171205101343.GA5416@kroah.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.9.1 (2017-09-22) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Dec 05, 2017 at 10:16:56AM +0000, Ard Biesheuvel wrote: > On 5 December 2017 at 10:13, Greg Kroah-Hartman > wrote: > > Thanks to the scripts/leaking_addresses.pl script, it was found that > > some EFI values should not be readable by non-root users. > > > > So make them root-only, and to do that, add a __ATTR_RO_MODE() macro to > > make this easier, and use it in other places at the same time. > > > > Reported-by: Linus Torvalds > > Tested-by: Dave Young > > Cc: Matt Fleming > > Cc: Ard Biesheuvel > > Cc: stable > > Signed-off-by: Greg Kroah-Hartman > > > > --- > > drivers/firmware/efi/efi.c | 3 +-- > > drivers/firmware/efi/esrt.c | 15 ++++++--------- > > drivers/firmware/efi/runtime-map.c | 10 +++++----- > > include/linux/sysfs.h | 5 +++++ > > 4 files changed, 17 insertions(+), 16 deletions(-) > > > > --- a/drivers/firmware/efi/efi.c > > +++ b/drivers/firmware/efi/efi.c > > @@ -143,8 +143,7 @@ static ssize_t systab_show(struct kobjec > > return str - buf; > > } > > > > -static struct kobj_attribute efi_attr_systab = > > - __ATTR(systab, 0400, systab_show, NULL); > > +static struct kobj_attribute efi_attr_systab = __ATTR_RO_MODE(systab, 0400); > > > > #define EFI_FIELD(var) efi.var > > > > --- a/drivers/firmware/efi/esrt.c > > +++ b/drivers/firmware/efi/esrt.c > > @@ -106,7 +106,7 @@ static const struct sysfs_ops esre_attr_ > > }; > > > > /* Generic ESRT Entry ("ESRE") support. */ > > -static ssize_t esre_fw_class_show(struct esre_entry *entry, char *buf) > > +static ssize_t fw_class_show(struct esre_entry *entry, char *buf) > > { > > char *str = buf; > > > > @@ -117,18 +117,16 @@ static ssize_t esre_fw_class_show(struct > > return str - buf; > > } > > > > -static struct esre_attribute esre_fw_class = __ATTR(fw_class, 0400, > > - esre_fw_class_show, NULL); > > +static struct esre_attribute esre_fw_class = __ATTR_RO_MODE(fw_class, 0400); > > > > #define esre_attr_decl(name, size, fmt) \ > > -static ssize_t esre_##name##_show(struct esre_entry *entry, char *buf) \ > > +static ssize_t name##_show(struct esre_entry *entry, char *buf) \ > > { \ > > return sprintf(buf, fmt "\n", \ > > le##size##_to_cpu(entry->esre.esre1->name)); \ > > } \ > > \ > > -static struct esre_attribute esre_##name = __ATTR(name, 0400, \ > > - esre_##name##_show, NULL) > > +static struct esre_attribute esre_##name = __ATTR_RO_MODE(name, 0400) > > > > esre_attr_decl(fw_type, 32, "%u"); > > esre_attr_decl(fw_version, 32, "%u"); > > @@ -193,14 +191,13 @@ static int esre_create_sysfs_entry(void > > > > /* support for displaying ESRT fields at the top level */ > > #define esrt_attr_decl(name, size, fmt) \ > > -static ssize_t esrt_##name##_show(struct kobject *kobj, \ > > +static ssize_t name##_show(struct kobject *kobj, \ > > struct kobj_attribute *attr, char *buf)\ > > { \ > > return sprintf(buf, fmt "\n", le##size##_to_cpu(esrt->name)); \ > > } \ > > \ > > -static struct kobj_attribute esrt_##name = __ATTR(name, 0400, \ > > - esrt_##name##_show, NULL) > > +static struct kobj_attribute esrt_##name = __ATTR_RO_MODE(name, 0400) > > > > esrt_attr_decl(fw_resource_count, 32, "%u"); > > esrt_attr_decl(fw_resource_count_max, 32, "%u"); > > --- a/drivers/firmware/efi/runtime-map.c > > +++ b/drivers/firmware/efi/runtime-map.c > > @@ -63,11 +63,11 @@ static ssize_t map_attr_show(struct kobj > > return map_attr->show(entry, buf); > > } > > > > -static struct map_attribute map_type_attr = __ATTR_RO(type); > > -static struct map_attribute map_phys_addr_attr = __ATTR_RO(phys_addr); > > -static struct map_attribute map_virt_addr_attr = __ATTR_RO(virt_addr); > > -static struct map_attribute map_num_pages_attr = __ATTR_RO(num_pages); > > -static struct map_attribute map_attribute_attr = __ATTR_RO(attribute); > > +static struct map_attribute map_type_attr = __ATTR_RO_MODE(type, 0400); > > +static struct map_attribute map_phys_addr_attr = __ATTR_RO_MODE(phys_addr, 0400); > > +static struct map_attribute map_virt_addr_attr = __ATTR_RO_MODE(virt_addr, 0400); > > +static struct map_attribute map_num_pages_attr = __ATTR_RO_MODE(num_pages, 0400); > > +static struct map_attribute map_attribute_attr = __ATTR_RO_MODE(attribute, 0400); > > > > /* > > * These are default attributes that are added for every memmap entry. > > --- a/include/linux/sysfs.h > > +++ b/include/linux/sysfs.h > > @@ -117,6 +117,11 @@ struct attribute_group { > > .show = _name##_show, \ > > } > > > > +#define __ATTR_RO_MODE(_name, _mode) { \ > > + .attr = { .name = __stringify(_name), .mode = _mode }, \ > > + .show = _name##_show, \ > > +} > > + > > #define __ATTR_WO(_name) { \ > > .attr = { .name = __stringify(_name), .mode = S_IWUSR }, \ > > .store = _name##_store, \ > > > > Thanks Greg. > > Do we need the VERIFY_OCTAL_PERMISSION() thing here as well? Ah, totally missed that, let me go add it now, good catch... greg k-h