From 9072333533d21855374e9e4ef23ae728aa0c7f1c Mon Sep 17 00:00:00 2001
From: Daniel Golle
Date: Tue, 11 Jan 2022 00:00:36 +0000
Subject: [PATCH] generic: deny write to uImage.FIT sub-image partitions
Set policy bit to force read-only mode on uImage.FIT filesystem sub-images mapped as block partitions by the FIT partition parser.
Signed-off-by: Daniel Golle
---
 target/linux/generic/files/block/partitions/fit.c | 2 +-
 .../hack-5.10/410-block-fit-partition-parser.patch | 10 +++++++---
 .../hack-5.4/400-block-fit-partition-parser.patch | 10 +++++++---
 3 files changed, 15 insertions(+), 7 deletions(-)
diff --git a/target/linux/generic/files/block/partitions/fit.c b/target/linux/generic/files/block/partitions/fit.c
index 3c9e36f1f..2849a2f92 100644
--- a/target/linux/generic/files/block/partitions/fit.c
+++ b/target/linux/generic/files/block/partitions/fit.c
@@ -233,7 +233,7 @@ int parse_fit_partitions(struct parsed_partitions *state, u64 fit_start_sector,
 strlcat(state->pp_buf, tmp, PAGE_SIZE);
 state->parts[*slot].has_info = true;
-
+ state->parts[*slot].flags |= ADDPART_FLAG_READONLY;
 if (config_loadables && !strcmp(image_name, config_loadables)) {
 printk(KERN_DEBUG "FIT: selecting configured loadable \"%s\" to be root filesystem\n", image_name);
 state->parts[*slot].flags |= ADDPART_FLAG_ROOTDEV;
diff --git a/target/linux/generic/hack-5.10/410-block-fit-partition-parser.patch b/target/linux/generic/hack-5.10/410-block-fit-partition-parser.patch
index 49ef6dffb..6b64aa6d5 100644
--- a/target/linux/generic/hack-5.10/410-block-fit-partition-parser.patch
+++ b/target/linux/generic/hack-5.10/410-block-fit-partition-parser.patch
@@ -1,10 +1,11 @@
 --- a/block/blk.h
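Review bot: The added `flags |= ADDPART_FLAG_READONLY` line sits before the `config_loadables` check, so it applies to every sub-image slot mapped on this path, yet nothing next to it says what the flag does or does not guarantee. As far as this hunk shows, only the mapped partition is marked; the device that holds the FIT image is not touched, so writes through it are presumably still possible, and a block-layer read-only setting can normally be cleared again by a privileged BLKROSET ioctl. I would record that limit beside the line, e.g. `/* sub-image partitions are exposed read-only; this does not protect the underlying device */`. The body of parse_fit_partitions starts and ends outside the hunk, so the surrounding slot handling was not reviewed.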
 +++ b/block/blk.h
-@@ -361,6 +361,7 @@ char *disk_name(struct gendisk *hd, int
+@@ -361,6 +361,8 @@ char *disk_name(struct gendisk *hd, int
 #define ADDPART_FLAG_NONE 0
 #define ADDPART_FLAG_RAID 1
 #define ADDPART_FLAG_WHOLEDISK 2
-+#define ADDPART_FLAG_ROOTDEV 4
++#define ADDPART_FLAG_READONLY 4
++#define ADDPART_FLAG_ROOTDEV 8
 void delete_partition(struct hd_struct *part);
 int bdev_add_partition(struct block_device *bdev, int partno, sector_t start, sector_t length);
@@ -108,13 +109,16 @@
 #ifdef CONFIG_FAIL_MAKE_REQUEST
 &dev_attr_fail.attr,
 #endif
-@@ -701,6 +722,11 @@ static bool blk_add_partition(struct gen
+@@ -701,6 +722,14 @@ static bool blk_add_partition(struct gen
 (state->parts[p].flags & ADDPART_FLAG_RAID))
 md_autodetect_dev(part_to_dev(part)->devt);
 +#ifdef CONFIG_FIT_PARTITION
 + if ((state->parts[p].flags & ADDPART_FLAG_ROOTDEV) && ROOT_DEV == 0)
 + ROOT_DEV = part_to_dev(part)->devt;
++
++ if (state->parts[p].flags & ADDPART_FLAG_READONLY)
++ part->policy = true;
 +#endif
 +
 return true;
diff --git a/target/linux/generic/hack-5.4/400-block-fit-partition-parser.patch b/target/linux/generic/hack-5.4/400-block-fit-partition-parser.patch
index fb4565d22..4001c09df 100644
--- a/target/linux/generic/hack-5.4/400-block-fit-partition-parser.patch
+++ b/target/linux/generic/hack-5.4/400-block-fit-partition-parser.patch
@@ -91,13 +91,16 @@
 #ifdef CONFIG_FAIL_MAKE_REQUEST
 &dev_attr_fail.attr,
 #endif
-@@ -641,6 +659,10 @@ rescan:
+@@ -641,6 +659,13 @@ rescan:
 if (state->parts[p].flags & ADDPART_FLAG_RAID)
 md_autodetect_dev(part_to_dev(part)->devt);
 #endif
 +#ifdef CONFIG_FIT_PARTITION
 + if ((state->parts[p].flags & ADDPART_FLAG_ROOTDEV) && ROOT_DEV == 0)
 + ROOT_DEV = part_to_dev(part)->devt;
++
++ if (state->parts[p].flags & ADDPART_FLAG_READONLY)
++ part->policy = true;
 +#endif
 }
 free_partitions(state);
@@ -124,11 +127,12 @@
 #endif
 --- a/include/linux/genhd.h
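Review bot: `ADDPART_FLAG_ROOTDEV` changes value from 4 to 8 in the block/blk.h hunk so that `ADDPART_FLAG_READONLY` can take 4; appending the new flag instead, `#define ADDPART_FLAG_READONLY 8`, would keep the existing value stable and reduce the change to one added line. With the current ordering, any parser object built against the old header would have its root-device bit interpreted as read-only, which is harmless only if everything is rebuilt together. If the ordering is intentional, a one-line comment above the two defines saying so would help. The include/linux/genhd.h hunk of the hack-5.4 patch carries the same renumbering.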
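Review bot: The `ADDPART_FLAG_READONLY` test in the blk_add_partition hunk is placed inside `#ifdef CONFIG_FIT_PARTITION`, while the flag appears to be defined unconditionally in block/blk.h, so a parser setting it in a kernel built without the FIT parser would have it silently ignored. Moving the two added lines below the `#endif` would give the flag the same meaning in every configuration; failing that, a comment at the define such as `/* only honoured with CONFIG_FIT_PARTITION */` would make the dependency visible. `part->policy` is assigned after the partition object already exists (the code creating it is outside this hunk), so there may be a short window in which the device is visible and not yet read-only; this is worth confirming against add_partition(). The `rescan:` hunk in the hack-5.4 patch has the same placement.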
 +++ b/include/linux/genhd.h
-@@ -614,6 +614,7 @@ struct unixware_disklabel {
+@@ -614,6 +614,8 @@ struct unixware_disklabel {
 #define ADDPART_FLAG_NONE 0
 #define ADDPART_FLAG_RAID 1
 #define ADDPART_FLAG_WHOLEDISK 2
-+#define ADDPART_FLAG_ROOTDEV 4
++#define ADDPART_FLAG_READONLY 4
++#define ADDPART_FLAG_ROOTDEV 8
 extern int blk_alloc_devt(struct hd_struct *part, dev_t *devt);
 extern void blk_free_devt(dev_t devt);