[AMD Official Use Only - General]
> -----Original Message-----
> From: Limonciello, Mario <Mario.Limonciello@xxxxxxx>
> Sent: Wednesday, June 7, 2023 1:53 AM
> To: amd-gfx@xxxxxxxxxxxxxxxxxxxxx
> Cc: Limonciello, Mario <Mario.Limonciello@xxxxxxx>
> Subject: [PATCH 2/2] drm/amd: Tighten permissions on VBIOS flashing
> attributes
>
> Non-root users shouldn't be able to try to trigger a VBIOS flash
> or query the flashing status. This should be reserved for users with the
> appropriate permissions.
>
> Fixes: 8424f2ccb3c0 ("drm/amdgpu/psp: Add vbflash sysfs interface
> support")
> Reviewed-by: Alex Deucher <alexander.deucher@xxxxxxx>
> Signed-off-by: Mario Limonciello <mario.limonciello@xxxxxxx>
> ---
> drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c
> b/drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c
> index 8c60db176119..488d5b7ab97c 100644
> --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c
> +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c
> @@ -3671,13 +3671,13 @@ static ssize_t
> amdgpu_psp_vbflash_status(struct device *dev,
> }
>
> static const struct bin_attribute psp_vbflash_bin_attr = {
> - .attr = {.name = "psp_vbflash", .mode = 0664},
> + .attr = {.name = "psp_vbflash", .mode = 0220},
I noticed a mistake with this, it should be 0660.
If no other feedback I'll correct it when committing.
> .size = 0,
> .write = amdgpu_psp_vbflash_write,
> .read = amdgpu_psp_vbflash_read,
> };
>
> -static DEVICE_ATTR(psp_vbflash_status, 0444, amdgpu_psp_vbflash_status,
> NULL);
> +static DEVICE_ATTR(psp_vbflash_status, 0440, amdgpu_psp_vbflash_status,
> NULL);
>
> int amdgpu_psp_sysfs_init(struct amdgpu_device *adev)
> {
> --
> 2.34.1
