1 From 7b62f9bd2246b7d3d086e571397c14ba52645ef1 Mon Sep 17 00:00:00 2001
2 From: Jordan Niethe <jniethe5@gmail.com>
3 Date: Wed, 27 Feb 2019 14:02:29 +1100
4 Subject: powerpc/powernv: Make opal log only readable by root
6 From: Jordan Niethe <jniethe5@gmail.com>
8 commit 7b62f9bd2246b7d3d086e571397c14ba52645ef1 upstream.
10 Currently the opal log is globally readable. It is kernel policy to
11 limit the visibility of physical addresses / kernel pointers to root.
12 Given this and the fact the opal log may contain this information it
13 would be better to limit the readability to root.
15 Fixes: bfc36894a48b ("powerpc/powernv: Add OPAL message log interface")
16 Cc: stable@vger.kernel.org # v3.15+
17 Signed-off-by: Jordan Niethe <jniethe5@gmail.com>
18 Reviewed-by: Stewart Smith <stewart@linux.ibm.com>
19 Reviewed-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
20 Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
21 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
24 arch/powerpc/platforms/powernv/opal-msglog.c | 2 +-
25 1 file changed, 1 insertion(+), 1 deletion(-)
27 --- a/arch/powerpc/platforms/powernv/opal-msglog.c
28 +++ b/arch/powerpc/platforms/powernv/opal-msglog.c
29 @@ -98,7 +98,7 @@ static ssize_t opal_msglog_read(struct f
32 static struct bin_attribute opal_msglog_attr = {
33 - .attr = {.name = "msglog", .mode = 0444},
34 + .attr = {.name = "msglog", .mode = 0400},
35 .read = opal_msglog_read