git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Peter Jones <pjones@redhat.com>
	Mon, 8 Feb 2016 19:48:15 +0000 (14:48 -0500)
committer	Sasha Levin <sasha.levin@oracle.com>
	Tue, 12 Apr 2016 02:44:23 +0000 (22:44 -0400)
commit	3e49b9ec16de14ec3210e87c4307ffdb75cfe0b0
tree	5fa6940340bd6d672ef22b9470dd9bc46b2d4850	tree
parent	c3f517d4cd9a1478ae99f873697444a8690de482	commit \| diff

efi: Make efivarfs entries immutable by default

[ Upstream commit ed8b0de5a33d2a2557dce7f9429dca8cb5bc5879 ]

"rm -rf" is bricking some peoples' laptops because of variables being
used to store non-reinitializable firmware driver data that's required
to POST the hardware.

These are 100% bugs, and they need to be fixed, but in the mean time it
shouldn't be easy to *accidentally* brick machines.

We have to have delete working, and picking which variables do and don't
work for deletion is quite intractable, so instead make everything
immutable by default (except for a whitelist), and make tools that
aren't quite so broad-spectrum unset the immutable flag.

Signed-off-by: Peter Jones <pjones@redhat.com>
Tested-by: Lee, Chun-Yi <jlee@suse.com>
Acked-by: Matthew Garrett <mjg59@coreos.com>
Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>

Documentation/filesystems/efivarfs.txt		diff \| blob \| blame \| history
drivers/firmware/efi/vars.c		diff \| blob \| blame \| history
fs/efivarfs/file.c		diff \| blob \| blame \| history
fs/efivarfs/inode.c		diff \| blob \| blame \| history
fs/efivarfs/internal.h		diff \| blob \| blame \| history
fs/efivarfs/super.c		diff \| blob \| blame \| history
include/linux/efi.h		diff \| blob \| blame \| history
tools/testing/selftests/efivarfs/efivarfs.sh		diff \| blob \| blame \| history
tools/testing/selftests/efivarfs/open-unlink.c		diff \| blob \| blame \| history