Date: Wed, 17 Jun 2020 13:49:46 +0200
From: Wade Mealing <wmealing@redhat.com>
Subject: [PATCH v2] Revert "zram: convert remaining CLASS_ATTR() to
CLASS_ATTR_RO()"
Patch-mainline: v5.8-rc6
References: bsc#1173074 CVE-2020-10781
Git-commit: 853eab68afc80f59f36bbdeb715e5c88c501e680
Turns out that the permissions for 0400 really are what we want here,
otherwise any user can read from this file.
[fixed formatting, added changelog, and made attribute static - gregkh]
Reported-by: Wade Mealing <wmealing@redhat.com>
Cc: stable <stable@vger.kernel.org>
Fixes: f40609d1591f ("zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()")
Link: https://bugzilla.redhat.com/show_bug.cgi?id=1847832
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Acked-by: Lee Duncan <lduncan@suse.com>
---
v2: fix read/write confusion in the changelog, thanks to Steffen for the
review.
was more specific as to the changes I made to the original patch.
drivers/block/zram/zram_drv.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/block/zram/zram_drv.c b/drivers/block/zram/zram_drv.c
index 6e2ad90b17a3..270dd810be54 100644
--- a/drivers/block/zram/zram_drv.c
+++ b/drivers/block/zram/zram_drv.c
@@ -2021,7 +2021,8 @@ static ssize_t hot_add_show(struct class *class,
return ret;
return scnprintf(buf, PAGE_SIZE, "%d\n", ret);
}
-static CLASS_ATTR_RO(hot_add);
+static struct class_attribute class_attr_hot_add =
+ __ATTR(hot_add, 0400, hot_add_show, NULL);
static ssize_t hot_remove_store(struct class *class,
struct class_attribute *attr,
--
2.27.0