git.baikalelectronics.ru Git - kernel.git/commit

author	Geert Uytterhoeven <geert+renesas@glider.be>
	Mon, 21 Oct 2019 14:23:09 +0000 (16:23 +0200)
committer	Michael Ellerman <mpe@ellerman.id.au>
	Tue, 5 Nov 2019 11:29:27 +0000 (22:29 +1100)
commit	9e51e80546eb2f68f6f2f199521c6a831370d5d2
tree	d200d724507722b1c5bf0aa7de17fe3db7dfe8b0	tree \| snapshot
parent	2e7fa66a9643ddf3f976763dda0d4dca04a53df2	commit \| diff

powerpc/security: Fix debugfs data leak on 32-bit

"powerpc_security_features" is "unsigned long", i.e. 32-bit or 64-bit,
depending on the platform (PPC_FSL_BOOK3E or PPC_BOOK3S_64). Hence
casting its address to "u64 *", and calling debugfs_create_x64() is
wrong, and leaks 32-bit of nearby data to userspace on 32-bit platforms.

While all currently defined SEC_FTR_* security feature flags fit in
32-bit, they all have "ULL" suffixes to make them 64-bit constants.
Hence fix the leak by changing the type of "powerpc_security_features"
(and the parameter types of its accessors) to "u64". This also allows
to drop the cast.

Fixes: 0ff6a7e9aa9a10f6 ("powerpc/security: Show powerpc_security_features in debugfs")
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/20191021142309.28105-1-geert+renesas@glider.be

arch/powerpc/include/asm/security_features.h		diff \| blob \| history
arch/powerpc/kernel/security.c		diff \| blob \| history