From: Joe Konno <joe.konno@xxxxxxxxx> Efivarfs nodes are created with group and world readable permissions. Reading certain EFI variables trigger SMIs. So, this is a potential DoS surface. Make permissions more restrictive-- only the owner may read or write to created inodes. Suggested-by: Andi Kleen <ak@xxxxxxxxxxxxxxx> Reported-by: Tony Luck <tony.luck@xxxxxxxxx> Cc: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> Cc: Matthew Garrett <matthew.garrett@xxxxxxxxxx> Cc: Jeremy Kerr <jk@xxxxxxxxxx> Cc: linux-efi@xxxxxxxxxxxxxxx Cc: stable@xxxxxxxxxxxxxxx Signed-off-by: Joe Konno <joe.konno@xxxxxxxxx> --- fs/efivarfs/super.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/efivarfs/super.c b/fs/efivarfs/super.c index 5b68e4294faa..ca98c4e31eb7 100644 --- a/fs/efivarfs/super.c +++ b/fs/efivarfs/super.c @@ -145,7 +145,7 @@ static int efivarfs_callback(efi_char16_t *name16, efi_guid_t vendor, name[len + EFI_VARIABLE_GUID_LEN+1] = '\0'; - inode = efivarfs_get_inode(sb, d_inode(root), S_IFREG | 0644, 0, + inode = efivarfs_get_inode(sb, d_inode(root), S_IFREG | 0600, 0, is_removable); if (!inode) goto fail_name; @@ -207,7 +207,7 @@ static int efivarfs_fill_super(struct super_block *sb, void *data, int silent) sb->s_d_op = &efivarfs_d_ops; sb->s_time_gran = 1; - inode = efivarfs_get_inode(sb, NULL, S_IFDIR | 0755, 0, true); + inode = efivarfs_get_inode(sb, NULL, S_IFDIR | 0700, 0, true); if (!inode) return -ENOMEM; inode->i_op = &efivarfs_dir_inode_operations; -- 2.14.1 -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
