From: Greg Kroah-Hartman Date: Tue, 10 Nov 2020 19:01:23 +0000 (+0100) Subject: add powercap patch X-Git-Tag: v4.4.243~1 X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=a1d5bdf3a9ec5800adc8c8327819045d0858d49b;p=thirdparty%2Fkernel%2Fstable-queue.git add powercap patch --- diff --git a/queue-4.14/powercap-restrict-energy-meter-to-root-access.patch b/queue-4.14/powercap-restrict-energy-meter-to-root-access.patch new file mode 100644 index 00000000000..74b481c547d --- /dev/null +++ b/queue-4.14/powercap-restrict-energy-meter-to-root-access.patch @@ -0,0 +1,45 @@ +From 949dd0104c496fa7c14991a23c03c62e44637e71 Mon Sep 17 00:00:00 2001 +From: Len Brown +Date: Tue, 10 Nov 2020 13:00:00 -0800 +Subject: powercap: restrict energy meter to root access + +From: Len Brown + +commit 949dd0104c496fa7c14991a23c03c62e44637e71 upstream. + +Remove non-privileged user access to power data contained in +/sys/class/powercap/intel-rapl*/*/energy_uj + +Non-privileged users currently have read access to power data and can +use this data to form a security attack. Some privileged +drivers/applications need read access to this data, but don't expose it +to non-privileged users. + +For example, thermald uses this data to ensure that power management +works correctly. Thus removing non-privileged access is preferred over +completely disabling this power reporting capability with +CONFIG_INTEL_RAPL=n. + +Fixes: 95677a9a3847 ("PowerCap: Fix mode for energy counter") +Signed-off-by: Len Brown +Cc: stable@vger.kernel.org +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/powercap/powercap_sys.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/drivers/powercap/powercap_sys.c ++++ b/drivers/powercap/powercap_sys.c +@@ -379,9 +379,9 @@ static void create_power_zone_common_att + &dev_attr_max_energy_range_uj.attr; + if (power_zone->ops->get_energy_uj) { + if (power_zone->ops->reset_energy_uj) +- dev_attr_energy_uj.attr.mode = S_IWUSR | S_IRUGO; ++ dev_attr_energy_uj.attr.mode = S_IWUSR | S_IRUSR; + else +- dev_attr_energy_uj.attr.mode = S_IRUGO; ++ dev_attr_energy_uj.attr.mode = S_IRUSR; + power_zone->zone_dev_attrs[count++] = + &dev_attr_energy_uj.attr; + } diff --git a/queue-4.14/series b/queue-4.14/series new file mode 100644 index 00000000000..3f4c96ed355 --- /dev/null +++ b/queue-4.14/series @@ -0,0 +1 @@ +powercap-restrict-energy-meter-to-root-access.patch diff --git a/queue-4.19/powercap-restrict-energy-meter-to-root-access.patch b/queue-4.19/powercap-restrict-energy-meter-to-root-access.patch new file mode 100644 index 00000000000..74b481c547d --- /dev/null +++ b/queue-4.19/powercap-restrict-energy-meter-to-root-access.patch @@ -0,0 +1,45 @@ +From 949dd0104c496fa7c14991a23c03c62e44637e71 Mon Sep 17 00:00:00 2001 +From: Len Brown +Date: Tue, 10 Nov 2020 13:00:00 -0800 +Subject: powercap: restrict energy meter to root access + +From: Len Brown + +commit 949dd0104c496fa7c14991a23c03c62e44637e71 upstream. + +Remove non-privileged user access to power data contained in +/sys/class/powercap/intel-rapl*/*/energy_uj + +Non-privileged users currently have read access to power data and can +use this data to form a security attack. Some privileged +drivers/applications need read access to this data, but don't expose it +to non-privileged users. + +For example, thermald uses this data to ensure that power management +works correctly. Thus removing non-privileged access is preferred over +completely disabling this power reporting capability with +CONFIG_INTEL_RAPL=n. + +Fixes: 95677a9a3847 ("PowerCap: Fix mode for energy counter") +Signed-off-by: Len Brown +Cc: stable@vger.kernel.org +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/powercap/powercap_sys.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/drivers/powercap/powercap_sys.c ++++ b/drivers/powercap/powercap_sys.c +@@ -379,9 +379,9 @@ static void create_power_zone_common_att + &dev_attr_max_energy_range_uj.attr; + if (power_zone->ops->get_energy_uj) { + if (power_zone->ops->reset_energy_uj) +- dev_attr_energy_uj.attr.mode = S_IWUSR | S_IRUGO; ++ dev_attr_energy_uj.attr.mode = S_IWUSR | S_IRUSR; + else +- dev_attr_energy_uj.attr.mode = S_IRUGO; ++ dev_attr_energy_uj.attr.mode = S_IRUSR; + power_zone->zone_dev_attrs[count++] = + &dev_attr_energy_uj.attr; + } diff --git a/queue-4.19/series b/queue-4.19/series new file mode 100644 index 00000000000..3f4c96ed355 --- /dev/null +++ b/queue-4.19/series @@ -0,0 +1 @@ +powercap-restrict-energy-meter-to-root-access.patch diff --git a/queue-4.4/powercap-restrict-energy-meter-to-root-access.patch b/queue-4.4/powercap-restrict-energy-meter-to-root-access.patch new file mode 100644 index 00000000000..74b481c547d --- /dev/null +++ b/queue-4.4/powercap-restrict-energy-meter-to-root-access.patch @@ -0,0 +1,45 @@ +From 949dd0104c496fa7c14991a23c03c62e44637e71 Mon Sep 17 00:00:00 2001 +From: Len Brown +Date: Tue, 10 Nov 2020 13:00:00 -0800 +Subject: powercap: restrict energy meter to root access + +From: Len Brown + +commit 949dd0104c496fa7c14991a23c03c62e44637e71 upstream. + +Remove non-privileged user access to power data contained in +/sys/class/powercap/intel-rapl*/*/energy_uj + +Non-privileged users currently have read access to power data and can +use this data to form a security attack. Some privileged +drivers/applications need read access to this data, but don't expose it +to non-privileged users. + +For example, thermald uses this data to ensure that power management +works correctly. Thus removing non-privileged access is preferred over +completely disabling this power reporting capability with +CONFIG_INTEL_RAPL=n. + +Fixes: 95677a9a3847 ("PowerCap: Fix mode for energy counter") +Signed-off-by: Len Brown +Cc: stable@vger.kernel.org +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/powercap/powercap_sys.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/drivers/powercap/powercap_sys.c ++++ b/drivers/powercap/powercap_sys.c +@@ -379,9 +379,9 @@ static void create_power_zone_common_att + &dev_attr_max_energy_range_uj.attr; + if (power_zone->ops->get_energy_uj) { + if (power_zone->ops->reset_energy_uj) +- dev_attr_energy_uj.attr.mode = S_IWUSR | S_IRUGO; ++ dev_attr_energy_uj.attr.mode = S_IWUSR | S_IRUSR; + else +- dev_attr_energy_uj.attr.mode = S_IRUGO; ++ dev_attr_energy_uj.attr.mode = S_IRUSR; + power_zone->zone_dev_attrs[count++] = + &dev_attr_energy_uj.attr; + } diff --git a/queue-4.4/series b/queue-4.4/series new file mode 100644 index 00000000000..3f4c96ed355 --- /dev/null +++ b/queue-4.4/series @@ -0,0 +1 @@ +powercap-restrict-energy-meter-to-root-access.patch diff --git a/queue-4.9/powercap-restrict-energy-meter-to-root-access.patch b/queue-4.9/powercap-restrict-energy-meter-to-root-access.patch new file mode 100644 index 00000000000..74b481c547d --- /dev/null +++ b/queue-4.9/powercap-restrict-energy-meter-to-root-access.patch @@ -0,0 +1,45 @@ +From 949dd0104c496fa7c14991a23c03c62e44637e71 Mon Sep 17 00:00:00 2001 +From: Len Brown +Date: Tue, 10 Nov 2020 13:00:00 -0800 +Subject: powercap: restrict energy meter to root access + +From: Len Brown + +commit 949dd0104c496fa7c14991a23c03c62e44637e71 upstream. + +Remove non-privileged user access to power data contained in +/sys/class/powercap/intel-rapl*/*/energy_uj + +Non-privileged users currently have read access to power data and can +use this data to form a security attack. Some privileged +drivers/applications need read access to this data, but don't expose it +to non-privileged users. + +For example, thermald uses this data to ensure that power management +works correctly. Thus removing non-privileged access is preferred over +completely disabling this power reporting capability with +CONFIG_INTEL_RAPL=n. + +Fixes: 95677a9a3847 ("PowerCap: Fix mode for energy counter") +Signed-off-by: Len Brown +Cc: stable@vger.kernel.org +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/powercap/powercap_sys.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/drivers/powercap/powercap_sys.c ++++ b/drivers/powercap/powercap_sys.c +@@ -379,9 +379,9 @@ static void create_power_zone_common_att + &dev_attr_max_energy_range_uj.attr; + if (power_zone->ops->get_energy_uj) { + if (power_zone->ops->reset_energy_uj) +- dev_attr_energy_uj.attr.mode = S_IWUSR | S_IRUGO; ++ dev_attr_energy_uj.attr.mode = S_IWUSR | S_IRUSR; + else +- dev_attr_energy_uj.attr.mode = S_IRUGO; ++ dev_attr_energy_uj.attr.mode = S_IRUSR; + power_zone->zone_dev_attrs[count++] = + &dev_attr_energy_uj.attr; + } diff --git a/queue-4.9/series b/queue-4.9/series new file mode 100644 index 00000000000..3f4c96ed355 --- /dev/null +++ b/queue-4.9/series @@ -0,0 +1 @@ +powercap-restrict-energy-meter-to-root-access.patch diff --git a/queue-5.4/powercap-restrict-energy-meter-to-root-access.patch b/queue-5.4/powercap-restrict-energy-meter-to-root-access.patch new file mode 100644 index 00000000000..daad1e2944f --- /dev/null +++ b/queue-5.4/powercap-restrict-energy-meter-to-root-access.patch @@ -0,0 +1,45 @@ +From 949dd0104c496fa7c14991a23c03c62e44637e71 Mon Sep 17 00:00:00 2001 +From: Len Brown +Date: Tue, 10 Nov 2020 13:00:00 -0800 +Subject: powercap: restrict energy meter to root access + +From: Len Brown + +commit 949dd0104c496fa7c14991a23c03c62e44637e71 upstream. + +Remove non-privileged user access to power data contained in +/sys/class/powercap/intel-rapl*/*/energy_uj + +Non-privileged users currently have read access to power data and can +use this data to form a security attack. Some privileged +drivers/applications need read access to this data, but don't expose it +to non-privileged users. + +For example, thermald uses this data to ensure that power management +works correctly. Thus removing non-privileged access is preferred over +completely disabling this power reporting capability with +CONFIG_INTEL_RAPL=n. + +Fixes: 95677a9a3847 ("PowerCap: Fix mode for energy counter") +Signed-off-by: Len Brown +Cc: stable@vger.kernel.org +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/powercap/powercap_sys.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/drivers/powercap/powercap_sys.c ++++ b/drivers/powercap/powercap_sys.c +@@ -367,9 +367,9 @@ static void create_power_zone_common_att + &dev_attr_max_energy_range_uj.attr; + if (power_zone->ops->get_energy_uj) { + if (power_zone->ops->reset_energy_uj) +- dev_attr_energy_uj.attr.mode = S_IWUSR | S_IRUGO; ++ dev_attr_energy_uj.attr.mode = S_IWUSR | S_IRUSR; + else +- dev_attr_energy_uj.attr.mode = S_IRUGO; ++ dev_attr_energy_uj.attr.mode = S_IRUSR; + power_zone->zone_dev_attrs[count++] = + &dev_attr_energy_uj.attr; + } diff --git a/queue-5.4/series b/queue-5.4/series new file mode 100644 index 00000000000..3f4c96ed355 --- /dev/null +++ b/queue-5.4/series @@ -0,0 +1 @@ +powercap-restrict-energy-meter-to-root-access.patch diff --git a/queue-5.9/powercap-restrict-energy-meter-to-root-access.patch b/queue-5.9/powercap-restrict-energy-meter-to-root-access.patch new file mode 100644 index 00000000000..daad1e2944f --- /dev/null +++ b/queue-5.9/powercap-restrict-energy-meter-to-root-access.patch @@ -0,0 +1,45 @@ +From 949dd0104c496fa7c14991a23c03c62e44637e71 Mon Sep 17 00:00:00 2001 +From: Len Brown +Date: Tue, 10 Nov 2020 13:00:00 -0800 +Subject: powercap: restrict energy meter to root access + +From: Len Brown + +commit 949dd0104c496fa7c14991a23c03c62e44637e71 upstream. + +Remove non-privileged user access to power data contained in +/sys/class/powercap/intel-rapl*/*/energy_uj + +Non-privileged users currently have read access to power data and can +use this data to form a security attack. Some privileged +drivers/applications need read access to this data, but don't expose it +to non-privileged users. + +For example, thermald uses this data to ensure that power management +works correctly. Thus removing non-privileged access is preferred over +completely disabling this power reporting capability with +CONFIG_INTEL_RAPL=n. + +Fixes: 95677a9a3847 ("PowerCap: Fix mode for energy counter") +Signed-off-by: Len Brown +Cc: stable@vger.kernel.org +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/powercap/powercap_sys.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/drivers/powercap/powercap_sys.c ++++ b/drivers/powercap/powercap_sys.c +@@ -367,9 +367,9 @@ static void create_power_zone_common_att + &dev_attr_max_energy_range_uj.attr; + if (power_zone->ops->get_energy_uj) { + if (power_zone->ops->reset_energy_uj) +- dev_attr_energy_uj.attr.mode = S_IWUSR | S_IRUGO; ++ dev_attr_energy_uj.attr.mode = S_IWUSR | S_IRUSR; + else +- dev_attr_energy_uj.attr.mode = S_IRUGO; ++ dev_attr_energy_uj.attr.mode = S_IRUSR; + power_zone->zone_dev_attrs[count++] = + &dev_attr_energy_uj.attr; + } diff --git a/queue-5.9/series b/queue-5.9/series new file mode 100644 index 00000000000..3f4c96ed355 --- /dev/null +++ b/queue-5.9/series @@ -0,0 +1 @@ +powercap-restrict-energy-meter-to-root-access.patch