efi: Move some sysfs files to be read-only by root (af97a77b) · Commits · 方亚芬 / linux

Commit af97a77b authored Dec 06, 2017 by

Greg Kroah-Hartman Committed by Ingo Molnar Dec 06, 2017

efi: Move some sysfs files to be read-only by root



Thanks to the scripts/leaking_addresses.pl script, it was found that
some EFI values should not be readable by non-root users.

So make them root-only, and to do that, add a __ATTR_RO_MODE() macro to
make this easier, and use it in other places at the same time.

Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Tested-by: Dave Young <dyoung@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Cc: stable <stable@vger.kernel.org>
Link: http://lkml.kernel.org/r/20171206095010.24170-2-ard.biesheuvel@linaro.org


Signed-off-by: Ingo Molnar <mingo@kernel.org>

parent 328b4ed9

Hide whitespace changes

Inline Side-by-side

Please register or to comment