From f2c3875dfcbf82d993ebe20f9563125c5fde2c60 Mon Sep 17 00:00:00 2001
From: Daniel Golle <daniel@makrotopia.org>
Date: Tue, 11 Jan 2022 00:00:36 +0000
Subject: generic: deny write to uImage.FIT sub-image partitions

Set policy bit to force read-only mode on uImage.FIT filesystem
sub-images mapped as block partitions by the FIT partition parser.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
---
 target/linux/generic/files/block/partitions/fit.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'target/linux/generic/files')

diff --git a/target/linux/generic/files/block/partitions/fit.c b/target/linux/generic/files/block/partitions/fit.c
index a0aa0eadf5..fa73e64af8 100644
--- a/target/linux/generic/files/block/partitions/fit.c
+++ b/target/linux/generic/files/block/partitions/fit.c
@@ -230,7 +230,7 @@ int parse_fit_partitions(struct parsed_partitions *state, u64 fit_start_sector,
 		strlcat(state->pp_buf, tmp, PAGE_SIZE);
 
 		state->parts[*slot].has_info = true;
-
+		state->parts[*slot].flags |= ADDPART_FLAG_READONLY;
 		if (config_loadables && !strcmp(image_name, config_loadables)) {
 			printk(KERN_DEBUG "FIT: selecting configured loadable \"%s\" to be root filesystem\n", image_name);
 			state->parts[*slot].flags |= ADDPART_FLAG_ROOTDEV;
-- 
cgit v1.2.3