lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <7a2e8819-ac70-4070-a731-53994c72cd79@kernel.org>
Date: Sat, 28 Sep 2024 15:02:47 +0200
From: Krzysztof Kozlowski <krzk@...nel.org>
To: Daniel Golle <daniel@...rotopia.org>,
 Miquel Raynal <miquel.raynal@...tlin.com>,
 Richard Weinberger <richard@....at>, Vignesh Raghavendra <vigneshr@...com>,
 Rob Herring <robh@...nel.org>, Krzysztof Kozlowski <krzk+dt@...nel.org>,
 Conor Dooley <conor+dt@...nel.org>, Zhihao Cheng <chengzhihao1@...wei.com>,
 John Crispin <john@...ozen.org>, linux-mtd@...ts.infradead.org,
 devicetree@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH RFC 1/2] dt-bindings: mtd: ubi-volume: add
 'volume-is-critical' property

On 28/09/2024 14:47, Daniel Golle wrote:
> Add the 'volume-is-critical' boolean property which marks a UBI volume
> as critical for the device to boot. If set it prevents the user from
> all kinds of write access to the volume as well as from renaming it or
> detaching the UBI device it is located on.
> 
> Signed-off-by: Daniel Golle <daniel@...rotopia.org>
> ---
>  .../devicetree/bindings/mtd/partitions/ubi-volume.yaml   | 9 +++++++++
>  1 file changed, 9 insertions(+)
> 
> diff --git a/Documentation/devicetree/bindings/mtd/partitions/ubi-volume.yaml b/Documentation/devicetree/bindings/mtd/partitions/ubi-volume.yaml
> index 19736b26056b..2bd751bb7f9e 100644
> --- a/Documentation/devicetree/bindings/mtd/partitions/ubi-volume.yaml
> +++ b/Documentation/devicetree/bindings/mtd/partitions/ubi-volume.yaml
> @@ -29,6 +29,15 @@ properties:
>      description:
>        This container may reference an NVMEM layout parser.
>  
> +  volume-is-critical:
> +    description: This parameter, if present, indicates that the UBI volume
> +      contains early-boot firmware images or data which should not be clobbered.
> +      If set, it prevents the user from renaming the volume, writing to it or
> +      making any changes affecting it, as well as detaching the UBI device it is
> +      located on, so direct access to the underlying MTD device is prevented as
> +      well.
> +    type: boolean

UBI volumes are mapping to partitions 1-to-1, right? So rather I would
propose to use partition.yaml - we already have read-only there with
very similar description.

Best regards,
Krzysztof

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ