RTCs: handle NVRAM better
authorDavid Brownell <david-b@pacbell.net>
Thu, 15 Nov 2007 00:58:30 +0000 (16:58 -0800)
committerLinus Torvalds <torvalds@woody.linux-foundation.org>
Thu, 15 Nov 2007 02:45:36 +0000 (18:45 -0800)
Several of the RTC drivers are exporting binary "nvram" files in sysfs.  Such
NVRAM (or on many systems, EEPROM) data is often initialized during system
manufacture to hold data about identity (serial numbers, Ethernet addresses,
etc), configuration, calibration, and so forth.

This patch improves integrity and security of those files:

  - Correctly initializes the size in one of the two cases where
    that was not yet being done.

  - Improves system security/integrity by making this state not
    be world-writable by default.

Letting arbitrary userspace code mangle such state by default is at least Not
A Good Thing; and it could sometimes be worse, depending on the particular
data that might be corrupted.  (I disregard the paranoiac "don't let anyone
read it either" approach.  Anyone storing passwords in such memory doesn't
really care about security.)

Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Acked-by: Atsushi Nemoto <anemo@mba.ocn.ne.jp>
Cc: Torsten Ertbjerg Rasmussen <tr@newtec.dk>
Cc: Mark Zhan <rongkai.zhan@windriver.com>
Cc: Thomas Hommel <thomas.hommel@gefanuc.com>
Acked-by: Alessandro Zummo <a.zummo@towertech.it>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
drivers/rtc/rtc-ds1553.c
drivers/rtc/rtc-ds1742.c
drivers/rtc/rtc-m48t59.c
drivers/rtc/rtc-stk17ta8.c

index bb53c09bad169beb8427755a3de4e0aaf665dbf7..d9e848dcd450c520000f21a687b3a7e349240094 100644 (file)
@@ -291,7 +291,7 @@ static ssize_t ds1553_nvram_write(struct kobject *kobj,
 static struct bin_attribute ds1553_nvram_attr = {
        .attr = {
                .name = "nvram",
-               .mode = S_IRUGO | S_IWUGO,
+               .mode = S_IRUGO | S_IWUSR,
        },
        .size = RTC_OFFSET,
        .read = ds1553_nvram_read,
index c535b78698e22634377c049e3c5c91fe2c77ad89..2e73f0b183b2fd94540cc6624c0d2281cfc72950 100644 (file)
@@ -160,10 +160,13 @@ static ssize_t ds1742_nvram_write(struct kobject *kobj,
 static struct bin_attribute ds1742_nvram_attr = {
        .attr = {
                .name = "nvram",
-               .mode = S_IRUGO | S_IWUGO,
+               .mode = S_IRUGO | S_IWUSR,
        },
        .read = ds1742_nvram_read,
        .write = ds1742_nvram_write,
+       /* REVISIT: size in sysfs won't match actual size... if it's
+        * not a constant, each RTC should have its own attribute.
+        */
 };
 
 static int __devinit ds1742_rtc_probe(struct platform_device *pdev)
index 2bad1637330a8cdb9258e481ffa031c8492defba..cd0bbc0e8038c68c6b31798f30f820a5c558a66b 100644 (file)
@@ -353,11 +353,12 @@ static ssize_t m48t59_nvram_write(struct kobject *kobj,
 static struct bin_attribute m48t59_nvram_attr = {
        .attr = {
                .name = "nvram",
-               .mode = S_IRUGO | S_IWUGO,
+               .mode = S_IRUGO | S_IWUSR,
                .owner = THIS_MODULE,
        },
        .read = m48t59_nvram_read,
        .write = m48t59_nvram_write,
+       .size = M48T59_NVRAM_SIZE,
 };
 
 static int __devinit m48t59_rtc_probe(struct platform_device *pdev)
index 8288b6b2bf2b2c9971efe99a74a08e579ee8c659..a265da7c6ff8db2908b0686bf376157a3017157f 100644 (file)
@@ -291,7 +291,7 @@ static ssize_t stk17ta8_nvram_write(struct kobject *kobj,
 static struct bin_attribute stk17ta8_nvram_attr = {
        .attr = {
                .name = "nvram",
-               .mode = S_IRUGO | S_IWUGO,
+               .mode = S_IRUGO | S_IWUSR,
                .owner = THIS_MODULE,
        },
        .size = RTC_OFFSET,