From patchwork Wed Dec 6 09:50:08 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 120801 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp6843415qgn; Wed, 6 Dec 2017 01:53:03 -0800 (PST) X-Google-Smtp-Source: AGs4zMai/w77WPuizkYHVFR8sM9hIrWi0ViUTG42pSCUymlg8hZsTT0k82XFTBWWThTsyqXlK0U8 X-Received: by 10.99.117.19 with SMTP id q19mr20170769pgc.94.1512553983290; Wed, 06 Dec 2017 01:53:03 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1512553983; cv=none; d=google.com; s=arc-20160816; b=1DcITINEkBE9UysJxR1NcSTOhV1kZ9MaaFfnzkaIspPw6dq966QNGHi/rvWRcjjJhG k1P5jLw6yaKzwlGMAonI797DYKtWBBnVAOZUvVWH1MbzqRU/DxqzRSBNWSKBEhF7Bh1q rem7xISpQnPNK3csdRq09rLbFK7brrbUWLhZgM8UH1jr/1j2aVEp6GmL+UoC65TPhS6q 5GWsnNFAaU2e0btP0ObunJZEwrcqfgfXs3/C9pTbHD34NsSHO8JGNWi+0ujkRZOly/MV IUMexTKTA/fhLVoyhuMvG8+culRwooN64L9oY9Zh2us43MeYcR08dJpY/F9BOrYu3svL 1eaw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature:arc-authentication-results; bh=Spf5r9a8AwCEdkqMSE75XsaGxAkAQtolyxYBwrt/2Bw=; b=Ugg+sCJJx8LWdp8P7mzhuvKWOoGVx+B7nfgVUbR6OhUu8kcaoW11i19ic/IOugGbBm qzTz9xenyq/CUoD2cgP0Dhm+FtgpGjgvT+O87MO2lfNg9fYS/su77rccR0xzCqF2d5bO zPu6zZgxQcFYv/cj+xb+8canNxoogXSQiFvt5SfFEggZvXZlZPwDxGnPRS2+4B0Pq520 eBhV1F4YNMtG/GyGnbLmIfIIVg0+FTRAC0kYqqWQGu9zAp6Sz5GNfviKH1QgV4fwwyy/ 3q/HVeza/1TaNit5BYNZW6V4VJQX08w6DChvhmo5DrY7jLAiPHBgEwZT77Q5LRKi5zyF OsbA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=HMaODjZb; spf=pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-efi-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t84si1774477pfg.252.2017.12.06.01.53.03; Wed, 06 Dec 2017 01:53:03 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=HMaODjZb; spf=pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-efi-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754733AbdLFJxB (ORCPT + 2 others); Wed, 6 Dec 2017 04:53:01 -0500 Received: from mail-wm0-f66.google.com ([74.125.82.66]:37591 "EHLO mail-wm0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753998AbdLFJw2 (ORCPT ); Wed, 6 Dec 2017 04:52:28 -0500 Received: by mail-wm0-f66.google.com with SMTP id f140so5975235wmd.2 for ; Wed, 06 Dec 2017 01:52:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=kPElbxAiULMDMzD3H8CQaN+o8vCoU9KM1JvUBU0xW+g=; b=HMaODjZbuMz8HRzLiD6xU7D71idvYr9ihDFEEg8HUEjYsmcUzCPN7rtK9zNX2qgI2o vdiamIDWZvkc923wv46BeCbENfz4WXNKOYdagjNRVP9QmZeCos3UzdSSMUSbOxUT2kHO aXKZLigJ5u4+2UyFvehbfTIdzQXCvg7oF2h30= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=kPElbxAiULMDMzD3H8CQaN+o8vCoU9KM1JvUBU0xW+g=; b=s0SNdrZxsC0XvmCOjqSMLegR/ZGSkBXTtgdvvtzz5ZtK97Kdoqp/ZW9+s1Oigbswdq PkM7B8GK756UaHw48PykWNNWoWnk3LHCeBzzAIdr4FdkdIpDOWPjJedY/8EkfW1psPhD iFVbp3liJOMpOmyRA65Q0dFO3IAtXYASq+SNm28xarSt4cnUYWsIV9AcCWPqYq7uyWKV igyfL8S/+yTOT4/NLsZlgmTu9CQF1sLiFeZ6YUKsXQJIHCiE+KMlkDwKWOYBbz7dlmkK w+let/TrgOw5qbNpfdqxRl/tuB6kCOcD0OUIGSaR/8VXWK6g4Z9FuBN/J4+TA+V7b/S2 FjbQ== X-Gm-Message-State: AJaThX6GFGRlIR9PTh/PXsFHzkfYA+rv/toKBSBvzIY+IAgcLCun4K+C msKQAPWk8XiZDzLWH2o7ygOsAQgd1iE= X-Received: by 10.28.70.66 with SMTP id t63mr11682919wma.106.1512553946595; Wed, 06 Dec 2017 01:52:26 -0800 (PST) Received: from localhost.localdomain ([105.150.171.234]) by smtp.gmail.com with ESMTPSA id w133sm2543113wmg.9.2017.12.06.01.52.24 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 06 Dec 2017 01:52:25 -0800 (PST) From: Ard Biesheuvel To: linux-efi@vger.kernel.org, Ingo Molnar , Thomas Gleixner , "H . Peter Anvin" Cc: Greg Kroah-Hartman , Ard Biesheuvel , linux-kernel@vger.kernel.org, Matt Fleming , stable Subject: [PATCH 1/3] efi: move some sysfs files to be read-only by root Date: Wed, 6 Dec 2017 09:50:08 +0000 Message-Id: <20171206095010.24170-2-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20171206095010.24170-1-ard.biesheuvel@linaro.org> References: <20171206095010.24170-1-ard.biesheuvel@linaro.org> Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org From: Greg Kroah-Hartman Thanks to the scripts/leaking_addresses.pl script, it was found that some EFI values should not be readable by non-root users. So make them root-only, and to do that, add a __ATTR_RO_MODE() macro to make this easier, and use it in other places at the same time. Reported-by: Linus Torvalds Tested-by: Dave Young Cc: Matt Fleming Cc: Ard Biesheuvel Cc: stable Signed-off-by: Greg Kroah-Hartman Signed-off-by: Ard Biesheuvel --- drivers/firmware/efi/efi.c | 3 +-- drivers/firmware/efi/esrt.c | 15 ++++++--------- drivers/firmware/efi/runtime-map.c | 10 +++++----- include/linux/sysfs.h | 6 ++++++ 4 files changed, 18 insertions(+), 16 deletions(-) -- 2.11.0 -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c index f70febf680c3..c3eefa126e3b 100644 --- a/drivers/firmware/efi/efi.c +++ b/drivers/firmware/efi/efi.c @@ -143,8 +143,7 @@ static ssize_t systab_show(struct kobject *kobj, return str - buf; } -static struct kobj_attribute efi_attr_systab = - __ATTR(systab, 0400, systab_show, NULL); +static struct kobj_attribute efi_attr_systab = __ATTR_RO_MODE(systab, 0400); #define EFI_FIELD(var) efi.var diff --git a/drivers/firmware/efi/esrt.c b/drivers/firmware/efi/esrt.c index bd7ed3c1148a..7aae2483fcb9 100644 --- a/drivers/firmware/efi/esrt.c +++ b/drivers/firmware/efi/esrt.c @@ -106,7 +106,7 @@ static const struct sysfs_ops esre_attr_ops = { }; /* Generic ESRT Entry ("ESRE") support. */ -static ssize_t esre_fw_class_show(struct esre_entry *entry, char *buf) +static ssize_t fw_class_show(struct esre_entry *entry, char *buf) { char *str = buf; @@ -117,18 +117,16 @@ static ssize_t esre_fw_class_show(struct esre_entry *entry, char *buf) return str - buf; } -static struct esre_attribute esre_fw_class = __ATTR(fw_class, 0400, - esre_fw_class_show, NULL); +static struct esre_attribute esre_fw_class = __ATTR_RO_MODE(fw_class, 0400); #define esre_attr_decl(name, size, fmt) \ -static ssize_t esre_##name##_show(struct esre_entry *entry, char *buf) \ +static ssize_t name##_show(struct esre_entry *entry, char *buf) \ { \ return sprintf(buf, fmt "\n", \ le##size##_to_cpu(entry->esre.esre1->name)); \ } \ \ -static struct esre_attribute esre_##name = __ATTR(name, 0400, \ - esre_##name##_show, NULL) +static struct esre_attribute esre_##name = __ATTR_RO_MODE(name, 0400) esre_attr_decl(fw_type, 32, "%u"); esre_attr_decl(fw_version, 32, "%u"); @@ -193,14 +191,13 @@ static int esre_create_sysfs_entry(void *esre, int entry_num) /* support for displaying ESRT fields at the top level */ #define esrt_attr_decl(name, size, fmt) \ -static ssize_t esrt_##name##_show(struct kobject *kobj, \ +static ssize_t name##_show(struct kobject *kobj, \ struct kobj_attribute *attr, char *buf)\ { \ return sprintf(buf, fmt "\n", le##size##_to_cpu(esrt->name)); \ } \ \ -static struct kobj_attribute esrt_##name = __ATTR(name, 0400, \ - esrt_##name##_show, NULL) +static struct kobj_attribute esrt_##name = __ATTR_RO_MODE(name, 0400) esrt_attr_decl(fw_resource_count, 32, "%u"); esrt_attr_decl(fw_resource_count_max, 32, "%u"); diff --git a/drivers/firmware/efi/runtime-map.c b/drivers/firmware/efi/runtime-map.c index 8e64b77aeac9..f377609ff141 100644 --- a/drivers/firmware/efi/runtime-map.c +++ b/drivers/firmware/efi/runtime-map.c @@ -63,11 +63,11 @@ static ssize_t map_attr_show(struct kobject *kobj, struct attribute *attr, return map_attr->show(entry, buf); } -static struct map_attribute map_type_attr = __ATTR_RO(type); -static struct map_attribute map_phys_addr_attr = __ATTR_RO(phys_addr); -static struct map_attribute map_virt_addr_attr = __ATTR_RO(virt_addr); -static struct map_attribute map_num_pages_attr = __ATTR_RO(num_pages); -static struct map_attribute map_attribute_attr = __ATTR_RO(attribute); +static struct map_attribute map_type_attr = __ATTR_RO_MODE(type, 0400); +static struct map_attribute map_phys_addr_attr = __ATTR_RO_MODE(phys_addr, 0400); +static struct map_attribute map_virt_addr_attr = __ATTR_RO_MODE(virt_addr, 0400); +static struct map_attribute map_num_pages_attr = __ATTR_RO_MODE(num_pages, 0400); +static struct map_attribute map_attribute_attr = __ATTR_RO_MODE(attribute, 0400); /* * These are default attributes that are added for every memmap entry. diff --git a/include/linux/sysfs.h b/include/linux/sysfs.h index e32dfe098e82..40839c02d28c 100644 --- a/include/linux/sysfs.h +++ b/include/linux/sysfs.h @@ -117,6 +117,12 @@ struct attribute_group { .show = _name##_show, \ } +#define __ATTR_RO_MODE(_name, _mode) { \ + .attr = { .name = __stringify(_name), \ + .mode = VERIFY_OCTAL_PERMISSIONS(_mode) }, \ + .show = _name##_show, \ +} + #define __ATTR_WO(_name) { \ .attr = { .name = __stringify(_name), .mode = S_IWUSR }, \ .store = _name##_store, \