lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 22 Mar 2019 12:15:49 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-kernel@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>, stable@...r.kernel.org, Jordan Niethe <jniethe5@...il.com>, Stewart Smith <stewart@...ux.ibm.com>, Andrew Donnellan <andrew.donnellan@....ibm.com>, Michael Ellerman <mpe@...erman.id.au> Subject: [PATCH 4.4 211/230] powerpc/powernv: Make opal log only readable by root 4.4-stable review patch. If anyone has any objections, please let me know. ------------------ From: Jordan Niethe <jniethe5@...il.com> commit 7b62f9bd2246b7d3d086e571397c14ba52645ef1 upstream. Currently the opal log is globally readable. It is kernel policy to limit the visibility of physical addresses / kernel pointers to root. Given this and the fact the opal log may contain this information it would be better to limit the readability to root. Fixes: bfc36894a48b ("powerpc/powernv: Add OPAL message log interface") Cc: stable@...r.kernel.org # v3.15+ Signed-off-by: Jordan Niethe <jniethe5@...il.com> Reviewed-by: Stewart Smith <stewart@...ux.ibm.com> Reviewed-by: Andrew Donnellan <andrew.donnellan@....ibm.com> Signed-off-by: Michael Ellerman <mpe@...erman.id.au> Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org> --- arch/powerpc/platforms/powernv/opal-msglog.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/arch/powerpc/platforms/powernv/opal-msglog.c +++ b/arch/powerpc/platforms/powernv/opal-msglog.c @@ -92,7 +92,7 @@ out: } static struct bin_attribute opal_msglog_attr = { - .attr = {.name = "msglog", .mode = 0444}, + .attr = {.name = "msglog", .mode = 0400}, .read = opal_msglog_read };
Powered by blists - more mailing lists