Message ID | 20190227030229.12814-1-jniethe5@gmail.com (mailing list archive) |
---|---|
State | Accepted |
Commit | 7b62f9bd2246b7d3d086e571397c14ba52645ef1 |
Headers | show |
Series | powerpc/powernv: Make opal log only readable by root | expand |
Context | Check | Description |
---|---|---|
snowpatch_ozlabs/apply_patch | success | next/apply_patch Successfully applied |
snowpatch_ozlabs/build-ppc64le | success | build succeeded & removed 0 sparse warning(s) |
snowpatch_ozlabs/build-ppc64be | success | build succeeded & removed 0 sparse warning(s) |
snowpatch_ozlabs/build-ppc64e | success | build succeeded & removed 0 sparse warning(s) |
snowpatch_ozlabs/build-pmac32 | warning | build succeeded but added 17 new sparse warning(s) |
snowpatch_ozlabs/checkpatch | success | total: 0 errors, 0 warnings, 0 checks, 8 lines checked |
Jordan Niethe <jniethe5@gmail.com> writes: > Currently the opal log is globally readable. It is kernel policy to limit > the visibility of physical addresses / kernel pointers to root. > Given this and the fact the opal log may contain this information it would > be better to limit the readability to root. > > Signed-off-by: Jordan Niethe <jniethe5@gmail.com> Yeah, this is a really good idea. Reviewed-by: Stewart Smith <stewart@linux.ibm.com>
On 27/2/19 2:02 pm, Jordan Niethe wrote: > Currently the opal log is globally readable. It is kernel policy to limit > the visibility of physical addresses / kernel pointers to root. > Given this and the fact the opal log may contain this information it would > be better to limit the readability to root. > > Signed-off-by: Jordan Niethe <jniethe5@gmail.com> Guess I'll have to get used to typing sudo more often. :( Makes sense also given that we do the same thing for exports afaict. Reviewed-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
Jordan Niethe <jniethe5@gmail.com> writes: > Currently the opal log is globally readable. It is kernel policy to limit > the visibility of physical addresses / kernel pointers to root. > Given this and the fact the opal log may contain this information it would > be better to limit the readability to root. Yikes, thanks for fixing that. I'll add a Fixes: tag and Cc stable. I also see symbol_map is 0444, I think that should be fixed too. cheers > diff --git a/arch/powerpc/platforms/powernv/opal-msglog.c b/arch/powerpc/platforms/powernv/opal-msglog.c > index acd3206dfae3..06628c71cef6 100644 > --- a/arch/powerpc/platforms/powernv/opal-msglog.c > +++ b/arch/powerpc/platforms/powernv/opal-msglog.c > @@ -98,7 +98,7 @@ static ssize_t opal_msglog_read(struct file *file, struct kobject *kobj, > } > > static struct bin_attribute opal_msglog_attr = { > - .attr = {.name = "msglog", .mode = 0444}, > + .attr = {.name = "msglog", .mode = 0400}, > .read = opal_msglog_read > }; > > -- > 2.20.1
diff --git a/arch/powerpc/platforms/powernv/opal-msglog.c b/arch/powerpc/platforms/powernv/opal-msglog.c index acd3206dfae3..06628c71cef6 100644 --- a/arch/powerpc/platforms/powernv/opal-msglog.c +++ b/arch/powerpc/platforms/powernv/opal-msglog.c @@ -98,7 +98,7 @@ static ssize_t opal_msglog_read(struct file *file, struct kobject *kobj, } static struct bin_attribute opal_msglog_attr = { - .attr = {.name = "msglog", .mode = 0444}, + .attr = {.name = "msglog", .mode = 0400}, .read = opal_msglog_read };
Currently the opal log is globally readable. It is kernel policy to limit the visibility of physical addresses / kernel pointers to root. Given this and the fact the opal log may contain this information it would be better to limit the readability to root. Signed-off-by: Jordan Niethe <jniethe5@gmail.com> --- arch/powerpc/platforms/powernv/opal-msglog.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)