diff mbox series

fbdev/udlfb: Remove world-writability from EDID attribute

Message ID 20241215-udlfb-perms-v1-1-2d1f8c96b1ab@weissschuh.net (mailing list archive)
State New, archived
Headers show
Series fbdev/udlfb: Remove world-writability from EDID attribute | expand

Commit Message

Thomas Weißschuh Dec. 15, 2024, 3:15 p.m. UTC
It should not be possible for every user to override the EDID.
Limit it to the system administrator.

Fixes: 8ef8cc4fca4a ("staging: udlfb: support for writing backup EDID to sysfs file")
Cc: stable@vger.kernel.org
Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>
---
The EDID passed through sysfs is only used as a fallback if the hardware
does not provide one. To me it still feels incorrect to have this
world-writable.
---
 drivers/video/fbdev/udlfb.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


---
base-commit: 2d8308bf5b67dff50262d8a9260a50113b3628c6
change-id: 20241215-udlfb-perms-bb6ed270facf

Best regards,

Comments

Helge Deller Dec. 15, 2024, 4:04 p.m. UTC | #1
On 12/15/24 16:15, Thomas Weißschuh wrote:
> It should not be possible for every user to override the EDID.
> Limit it to the system administrator.
>
> Fixes: 8ef8cc4fca4a ("staging: udlfb: support for writing backup EDID to sysfs file")
> Cc: stable@vger.kernel.org
> Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>
> ---
> The EDID passed through sysfs is only used as a fallback if the hardware
> does not provide one. To me it still feels incorrect to have this
> world-writable.

I'm wondering if there is any real danger to the system integrity if
a user writes an own EDID (or a broken one)?
I mean, the only reason to use an own EDID is if you are a desktop user,
and then you usually are not a root user.
So, user-writeable *seems* safe to me, especially since the provided EDID is only
used if a real one isn't provided by the monitor.

Maybe Bernie has an opinion here?

Helge



> ---
>   drivers/video/fbdev/udlfb.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/video/fbdev/udlfb.c b/drivers/video/fbdev/udlfb.c
> index 71ac9e36f67c68aa7a54dce32323047a2a9a48bf..391bdb71197549caa839d862f0ce7456dc7bf9ec 100644
> --- a/drivers/video/fbdev/udlfb.c
> +++ b/drivers/video/fbdev/udlfb.c
> @@ -1480,7 +1480,7 @@ static ssize_t metrics_reset_store(struct device *fbdev,
>
>   static const struct bin_attribute edid_attr = {
>   	.attr.name = "edid",
> -	.attr.mode = 0666,
> +	.attr.mode = 0644,
>   	.size = EDID_LENGTH,
>   	.read = edid_show,
>   	.write = edid_store
>
> ---
> base-commit: 2d8308bf5b67dff50262d8a9260a50113b3628c6
> change-id: 20241215-udlfb-perms-bb6ed270facf
>
> Best regards,
diff mbox series

Patch

diff --git a/drivers/video/fbdev/udlfb.c b/drivers/video/fbdev/udlfb.c
index 71ac9e36f67c68aa7a54dce32323047a2a9a48bf..391bdb71197549caa839d862f0ce7456dc7bf9ec 100644
--- a/drivers/video/fbdev/udlfb.c
+++ b/drivers/video/fbdev/udlfb.c
@@ -1480,7 +1480,7 @@  static ssize_t metrics_reset_store(struct device *fbdev,
 
 static const struct bin_attribute edid_attr = {
 	.attr.name = "edid",
-	.attr.mode = 0666,
+	.attr.mode = 0644,
 	.size = EDID_LENGTH,
 	.read = edid_show,
 	.write = edid_store