git.samba.org / sfrench / cifs-2.6.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
efi: vars: prohibit reading random seed variables
[sfrench/cifs-2.6.git] / fs / efivarfs / inode.c
diff --git a/fs/efivarfs/inode.c b/fs/efivarfs/inode.c
index 939e5e242b985bd8aa6024bc716c70afb549e492..617f3ad2485e8ce154883bbda8f66ba7413eec42 100644 (file)
--- a/fs/efivarfs/inode.c
+++ b/fs/efivarfs/inode.c
@@ -91,6 +91,10 @@ static int efivarfs_create(struct user_namespace *mnt_userns, struct inode *dir,
        err = guid_parse(dentry->d_name.name + namelen + 1, &var->var.VendorGuid);
        if (err)
                goto out;
+       if (guid_equal(&var->var.VendorGuid, &LINUX_EFI_RANDOM_SEED_TABLE_GUID)) {
+               err = -EPERM;
+               goto out;
+       }
 
        if (efivar_variable_is_removable(var->var.VendorGuid,
                                         dentry->d_name.name, namelen))
Unnamed repository; edit this file 'description' to name the repository.