mtd: require write permissions for locking and badblock ioctls

[ Upstream commit 1e97743fd180981bef5f01402342bb54bf1c6366 ]

MEMLOCK, MEMUNLOCK and OTPLOCK modify protection bits. Thus require
write permission. Depending on the hardware MEMLOCK might even be
write-once, e.g. for SPI-NOR flashes with their WP# tied to GND. OTPLOCK
is always write-once.

MEMSETBADBLOCK modifies the bad block table.

Fixes: f7e6b19bc764 ("mtd: properly check all write ioctls for permissions")
Signed-off-by: Michael Walle <michael@walle.cc>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Acked-by: Rafał Miłecki <rafal@milecki.pl>
Acked-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Link: https://lore.kernel.org/linux-mtd/20210303155735.25887-1-michael@walle.cc
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/drivers/mtd/mtdchar.c b/drivers/mtd/mtdchar.c
index 331183548bc588e7bc62a320a3453e1867207fca..b43b8edc18ec84fe5c71ce84c92a334ba5b07f94 100644 (file)
--- a/drivers/mtd/mtdchar.c
+++ b/drivers/mtd/mtdchar.c
@@ -689,16 +689,12 @@ static int mtdchar_ioctl(struct file *file, u_int cmd, u_long arg)
        case MEMGETINFO:
        case MEMREADOOB:
        case MEMREADOOB64:
-       case MEMLOCK:
-       case MEMUNLOCK:
        case MEMISLOCKED:
        case MEMGETOOBSEL:
        case MEMGETBADBLOCK:
-       case MEMSETBADBLOCK:
        case OTPSELECT:
        case OTPGETREGIONCOUNT:
        case OTPGETREGIONINFO:
-       case OTPLOCK:
        case ECCGETLAYOUT:
        case ECCGETSTATS:
        case MTDFILEMODE:
@@ -709,9 +705,13 @@ static int mtdchar_ioctl(struct file *file, u_int cmd, u_long arg)
        /* "dangerous" commands */
        case MEMERASE:
        case MEMERASE64:
+       case MEMLOCK:
+       case MEMUNLOCK:
+       case MEMSETBADBLOCK:
        case MEMWRITEOOB:
        case MEMWRITEOOB64:
        case MEMWRITE:
+       case OTPLOCK:
                if (!(file->f_mode & FMODE_WRITE))
                        return -EPERM;
                break;