target/linux/ipq806x/patches-4.4/019-3-nvmem-Add-flag-to-export-NVMEM-to-root-only.patch

   1 From 811b0d6538b9f26f3eb0f90fe4e6118f2480ec6f Mon Sep 17 00:00:00 2001
   2 From: Andrew Lunn <andrew@lunn.ch>
   3 Date: Fri, 26 Feb 2016 20:59:18 +0100
   4 Subject: nvmem: Add flag to export NVMEM to root only
   5
   6 Legacy AT24, AT25 EEPROMs are exported in sys so that only root can
   7 read the contents. The EEPROMs may contain sensitive information. Add
   8 a flag so the provide can indicate that NVMEM should also restrict
   9 access to root only.
  10
  11 Signed-off-by: Andrew Lunn <andrew@lunn.ch>
  12 Acked-by: Srinivas Kandagatla <srinivas.kandagatla@linaro.org>
  13 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  14 ---
  15  drivers/nvmem/core.c           | 57 ++++++++++++++++++++++++++++++++++++++++--
  16  include/linux/nvmem-provider.h |  1 +
  17  2 files changed, 56 insertions(+), 2 deletions(-)
  18
  19 --- a/drivers/nvmem/core.c
  20 +++ b/drivers/nvmem/core.c
  21 @@ -161,6 +161,53 @@ static const struct attribute_group *nvm
  22         NULL,
  23  };
  24
  25 +/* default read/write permissions, root only */
  26 +static struct bin_attribute bin_attr_rw_root_nvmem = {
  27 +       .attr   = {
  28 +               .name   = "nvmem",
  29 +               .mode   = S_IWUSR | S_IRUSR,
  30 +       },
  31 +       .read   = bin_attr_nvmem_read,
  32 +       .write  = bin_attr_nvmem_write,
  33 +};
  34 +
  35 +static struct bin_attribute *nvmem_bin_rw_root_attributes[] = {
  36 +       &bin_attr_rw_root_nvmem,
  37 +       NULL,
  38 +};
  39 +
  40 +static const struct attribute_group nvmem_bin_rw_root_group = {
  41 +       .bin_attrs      = nvmem_bin_rw_root_attributes,
  42 +};
  43 +
  44 +static const struct attribute_group *nvmem_rw_root_dev_groups[] = {
  45 +       &nvmem_bin_rw_root_group,
  46 +       NULL,
  47 +};
  48 +
  49 +/* read only permission, root only */
  50 +static struct bin_attribute bin_attr_ro_root_nvmem = {
  51 +       .attr   = {
  52 +               .name   = "nvmem",
  53 +               .mode   = S_IRUSR,
  54 +       },
  55 +       .read   = bin_attr_nvmem_read,
  56 +};
  57 +
  58 +static struct bin_attribute *nvmem_bin_ro_root_attributes[] = {
  59 +       &bin_attr_ro_root_nvmem,
  60 +       NULL,
  61 +};
  62 +
  63 +static const struct attribute_group nvmem_bin_ro_root_group = {
  64 +       .bin_attrs      = nvmem_bin_ro_root_attributes,
  65 +};
  66 +
  67 +static const struct attribute_group *nvmem_ro_root_dev_groups[] = {
  68 +       &nvmem_bin_ro_root_group,
  69 +       NULL,
  70 +};
  71 +
  72  static void nvmem_release(struct device *dev)
  73  {
  74         struct nvmem_device *nvmem = to_nvmem_device(dev);
  75 @@ -355,8 +402,14 @@ struct nvmem_device *nvmem_register(cons
  76         nvmem->read_only = of_property_read_bool(np, "read-only") |
  77                            config->read_only;
  78
  79 -       nvmem->dev.groups = nvmem->read_only ? nvmem_ro_dev_groups :
  80 -                                              nvmem_rw_dev_groups;
  81 +       if (config->root_only)
  82 +               nvmem->dev.groups = nvmem->read_only ?
  83 +                       nvmem_ro_root_dev_groups :
  84 +                       nvmem_rw_root_dev_groups;
  85 +       else
  86 +               nvmem->dev.groups = nvmem->read_only ?
  87 +                       nvmem_ro_dev_groups :
  88 +                       nvmem_rw_dev_groups;
  89
  90         device_initialize(&nvmem->dev);
  91
  92 --- a/include/linux/nvmem-provider.h
  93 +++ b/include/linux/nvmem-provider.h
  94 @@ -23,6 +23,7 @@ struct nvmem_config {
  95         const struct nvmem_cell_info    *cells;
  96         int                     ncells;
  97         bool                    read_only;
  98 +       bool                    root_only;
  99  };
 100
 101  #if IS_ENABLED(CONFIG_NVMEM)