[thirdparty/kernel/stable-queue.git] / releases / 4.4.103 / libnvdimm-namespace-make-resource-attribute-only-readable-by-root.patch

From c1fb3542074fd0c4d901d778bd52455111e4eb6f Mon Sep 17 00:00:00 2001
From: Dan Williams <dan.j.williams@intel.com>
Date: Tue, 26 Sep 2017 11:21:24 -0700
Subject: libnvdimm, namespace: make 'resource' attribute only readable by root

From: Dan Williams <dan.j.williams@intel.com>

commit c1fb3542074fd0c4d901d778bd52455111e4eb6f upstream.

For the same reason that /proc/iomem returns 0's for non-root readers
and acpi tables are root-only, make the 'resource' attribute for
namespace devices only readable by root. Otherwise we disclose physical
address information.

Fixes: bf9bccc14c05 ("libnvdimm: pmem label sets and namespace instantiation")
Reported-by: Dave Hansen <dave.hansen@linux.intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 drivers/nvdimm/namespace_devs.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/drivers/nvdimm/namespace_devs.c
+++ b/drivers/nvdimm/namespace_devs.c
@@ -1305,7 +1305,7 @@ static umode_t namespace_visible(struct
 	if (a == &dev_attr_resource.attr) {
 		if (is_namespace_blk(dev))
 			return 0;
-		return a->mode;
+		return 0400;
 	}
 
 	if (is_namespace_pmem(dev) || is_namespace_blk(dev)) {
Commit	Line	Data
5f59e284 GKH	1	From c1fb3542074fd0c4d901d778bd52455111e4eb6f Mon Sep 17 00:00:00 2001
	2	From: Dan Williams <dan.j.williams@intel.com>
	3	Date: Tue, 26 Sep 2017 11:21:24 -0700
	4	Subject: libnvdimm, namespace: make 'resource' attribute only readable by root
	5
	6	From: Dan Williams <dan.j.williams@intel.com>
	7
	8	commit c1fb3542074fd0c4d901d778bd52455111e4eb6f upstream.
	9
	10	For the same reason that /proc/iomem returns 0's for non-root readers
	11	and acpi tables are root-only, make the 'resource' attribute for
	12	namespace devices only readable by root. Otherwise we disclose physical
	13	address information.
	14
	15	Fixes: bf9bccc14c05 ("libnvdimm: pmem label sets and namespace instantiation")
	16	Reported-by: Dave Hansen <dave.hansen@linux.intel.com>
	17	Signed-off-by: Dan Williams <dan.j.williams@intel.com>
	18	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	19
	20	---
	21	drivers/nvdimm/namespace_devs.c \| 2 +-
	22	1 file changed, 1 insertion(+), 1 deletion(-)
	23
	24	--- a/drivers/nvdimm/namespace_devs.c
	25	+++ b/drivers/nvdimm/namespace_devs.c
	26	@@ -1305,7 +1305,7 @@ static umode_t namespace_visible(struct
	27	if (a == &dev_attr_resource.attr) {
	28	if (is_namespace_blk(dev))
	29	return 0;
	30	- return a->mode;
	31	+ return 0400;
	32	}
	33
	34	if (is_namespace_pmem(dev) \|\| is_namespace_blk(dev)) {