diff options
author | Jiao Zhou <jiaozhou@google.com> | 2023-10-20 01:46:39 +0300 |
---|---|---|
committer | Ard Biesheuvel <ardb@kernel.org> | 2023-10-20 01:47:18 +0300 |
commit | 5329aa5101f73c451bcd48deaf3f296685849d9c (patch) | |
tree | ec9c0fe5ebf3675c6385db7a49994affc2ede172 /fs/efivarfs/inode.c | |
parent | 0bb80ecc33a8fb5a682236443c1e740d5c917d1d (diff) | |
download | linux-5329aa5101f73c451bcd48deaf3f296685849d9c.tar.xz |
efivarfs: Add uid/gid mount options
Allow UEFI variables to be modified by non-root processes in order to
run sandboxed code. This doesn't change the behavior of mounting
efivarfs unless uid/gid are specified; by default both are set to root.
Signed-off-by: Jiao Zhou <jiaozhou@google.com>
Acked-by: Matthew Garrett <mgarrett@aurora.tech>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Diffstat (limited to 'fs/efivarfs/inode.c')
-rw-r--r-- | fs/efivarfs/inode.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/fs/efivarfs/inode.c b/fs/efivarfs/inode.c index db9231f0e77b..92e5e060e0ee 100644 --- a/fs/efivarfs/inode.c +++ b/fs/efivarfs/inode.c @@ -21,8 +21,12 @@ struct inode *efivarfs_get_inode(struct super_block *sb, dev_t dev, bool is_removable) { struct inode *inode = new_inode(sb); + struct efivarfs_fs_info *fsi = sb->s_fs_info; + struct efivarfs_mount_opts *opts = &fsi->mount_opts; if (inode) { + inode->i_uid = opts->uid; + inode->i_gid = opts->gid; inode->i_ino = get_next_ino(); inode->i_mode = mode; inode->i_atime = inode->i_mtime = inode_set_ctime_current(inode); |