aboutsummaryrefslogtreecommitdiffstats
path: root/target/linux/ipq806x/patches-4.4/019-3-nvmem-Add-flag-to-export-NVMEM-to-root-only.patch
diff options
context:
space:
mode:
Diffstat (limited to 'target/linux/ipq806x/patches-4.4/019-3-nvmem-Add-flag-to-export-NVMEM-to-root-only.patch')
-rw-r--r--target/linux/ipq806x/patches-4.4/019-3-nvmem-Add-flag-to-export-NVMEM-to-root-only.patch101
1 files changed, 101 insertions, 0 deletions
diff --git a/target/linux/ipq806x/patches-4.4/019-3-nvmem-Add-flag-to-export-NVMEM-to-root-only.patch b/target/linux/ipq806x/patches-4.4/019-3-nvmem-Add-flag-to-export-NVMEM-to-root-only.patch
new file mode 100644
index 0000000000..77136eab72
--- /dev/null
+++ b/target/linux/ipq806x/patches-4.4/019-3-nvmem-Add-flag-to-export-NVMEM-to-root-only.patch
@@ -0,0 +1,101 @@
+From 811b0d6538b9f26f3eb0f90fe4e6118f2480ec6f Mon Sep 17 00:00:00 2001
+From: Andrew Lunn <andrew@lunn.ch>
+Date: Fri, 26 Feb 2016 20:59:18 +0100
+Subject: nvmem: Add flag to export NVMEM to root only
+
+Legacy AT24, AT25 EEPROMs are exported in sys so that only root can
+read the contents. The EEPROMs may contain sensitive information. Add
+a flag so the provide can indicate that NVMEM should also restrict
+access to root only.
+
+Signed-off-by: Andrew Lunn <andrew@lunn.ch>
+Acked-by: Srinivas Kandagatla <srinivas.kandagatla@linaro.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/nvmem/core.c | 57 ++++++++++++++++++++++++++++++++++++++++--
+ include/linux/nvmem-provider.h | 1 +
+ 2 files changed, 56 insertions(+), 2 deletions(-)
+
+--- a/drivers/nvmem/core.c
++++ b/drivers/nvmem/core.c
+@@ -161,6 +161,53 @@ static const struct attribute_group *nvm
+ NULL,
+ };
+
++/* default read/write permissions, root only */
++static struct bin_attribute bin_attr_rw_root_nvmem = {
++ .attr = {
++ .name = "nvmem",
++ .mode = S_IWUSR | S_IRUSR,
++ },
++ .read = bin_attr_nvmem_read,
++ .write = bin_attr_nvmem_write,
++};
++
++static struct bin_attribute *nvmem_bin_rw_root_attributes[] = {
++ &bin_attr_rw_root_nvmem,
++ NULL,
++};
++
++static const struct attribute_group nvmem_bin_rw_root_group = {
++ .bin_attrs = nvmem_bin_rw_root_attributes,
++};
++
++static const struct attribute_group *nvmem_rw_root_dev_groups[] = {
++ &nvmem_bin_rw_root_group,
++ NULL,
++};
++
++/* read only permission, root only */
++static struct bin_attribute bin_attr_ro_root_nvmem = {
++ .attr = {
++ .name = "nvmem",
++ .mode = S_IRUSR,
++ },
++ .read = bin_attr_nvmem_read,
++};
++
++static struct bin_attribute *nvmem_bin_ro_root_attributes[] = {
++ &bin_attr_ro_root_nvmem,
++ NULL,
++};
++
++static const struct attribute_group nvmem_bin_ro_root_group = {
++ .bin_attrs = nvmem_bin_ro_root_attributes,
++};
++
++static const struct attribute_group *nvmem_ro_root_dev_groups[] = {
++ &nvmem_bin_ro_root_group,
++ NULL,
++};
++
+ static void nvmem_release(struct device *dev)
+ {
+ struct nvmem_device *nvmem = to_nvmem_device(dev);
+@@ -355,8 +402,14 @@ struct nvmem_device *nvmem_register(cons
+ nvmem->read_only = of_property_read_bool(np, "read-only") |
+ config->read_only;
+
+- nvmem->dev.groups = nvmem->read_only ? nvmem_ro_dev_groups :
+- nvmem_rw_dev_groups;
++ if (config->root_only)
++ nvmem->dev.groups = nvmem->read_only ?
++ nvmem_ro_root_dev_groups :
++ nvmem_rw_root_dev_groups;
++ else
++ nvmem->dev.groups = nvmem->read_only ?
++ nvmem_ro_dev_groups :
++ nvmem_rw_dev_groups;
+
+ device_initialize(&nvmem->dev);
+
+--- a/include/linux/nvmem-provider.h
++++ b/include/linux/nvmem-provider.h
+@@ -23,6 +23,7 @@ struct nvmem_config {
+ const struct nvmem_cell_info *cells;
+ int ncells;
+ bool read_only;
++ bool root_only;
+ };
+
+ #if IS_ENABLED(CONFIG_NVMEM)