]>
git.proxmox.com Git - mirror_ubuntu-hirsute-kernel.git/commitdiff
projects
/
mirror_ubuntu-hirsute-kernel.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
398a884
)
debugfs: Make debugfs_allow RO after init
author
Kees Cook
<keescook@chromium.org>
Mon, 5 Apr 2021 21:39:59 +0000
(14:39 -0700)
committer
Stefan Bader
<stefan.bader@canonical.com>
Fri, 18 Jun 2021 09:07:37 +0000
(11:07 +0200)
BugLink:
https://bugs.launchpad.net/bugs/1931292
commit
312723a0b34d6d110aa4427a982536bb36ab8471
upstream.
Since debugfs_allow is only set at boot time during __init, make it
read-only after being set.
Fixes: a24c6f7bc923 ("debugfs: Add access restriction option")
Cc: Peter Enderborg <peter.enderborg@sony.com>
Reviewed-by: Peter Enderborg <peter.enderborg@sony.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Link:
https://lore.kernel.org/r/20210405213959.3079432-1-keescook@chromium.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Kamal Mostafa <kamal@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
fs/debugfs/inode.c
patch
|
blob
|
blame
|
history
diff --git
a/fs/debugfs/inode.c
b/fs/debugfs/inode.c
index 86c7f048962078154e3f086b16a27cc2704a9b45..720d65f224f090217df390801682dffa8998f2e2 100644
(file)
--- a/
fs/debugfs/inode.c
+++ b/
fs/debugfs/inode.c
@@
-35,7
+35,7
@@
static struct vfsmount *debugfs_mount;
static int debugfs_mount_count;
static bool debugfs_registered;
-static unsigned int debugfs_allow = DEFAULT_DEBUGFS_ALLOW_BITS;
+static unsigned int debugfs_allow
__ro_after_init
= DEFAULT_DEBUGFS_ALLOW_BITS;
/*
* Don't allow access attributes to be changed whilst the kernel is locked down