openwrtv4/target/linux/generic/pending-4.9/920-mangle_bootargs.patch
Stijn Tintel 2d02a4f5bd kernel: update 4.9 to 4.9.44
Refresh patches.
Adapt 704-phy-no-genphy-soft-reset.patch.
Remove brcm2708/950-0005-mm-Remove-the-PFN-busy-warning.patch.
Compile-tested on brcm2708/bcm2708 and x86/64.
Runtime-tested on brcm2708/bcm2708 and x86/64.

Fixes the following vulnerabilities:
- CVE-2017-7533
- CVE-2017-1000111
- CVE-2017-1000112

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-08-17 12:34:34 +02:00

71 lines
1.9 KiB
Diff

From: Imre Kaloz <kaloz@openwrt.org>
Subject: init: add CONFIG_MANGLE_BOOTARGS and disable it by default
Enabling this option renames the bootloader supplied root=
and rootfstype= variables, which might have to be know but
would break the automatisms OpenWrt uses.
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
---
init/Kconfig | 9 +++++++++
init/main.c | 24 ++++++++++++++++++++++++
2 files changed, 33 insertions(+)
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -1687,6 +1687,15 @@ config EMBEDDED
an embedded system so certain expert options are available
for configuration.
+config MANGLE_BOOTARGS
+ bool "Rename offending bootargs"
+ depends on EXPERT
+ help
+ Sometimes the bootloader passed bogus root= and rootfstype=
+ parameters to the kernel, and while you want to ignore them,
+ you need to know the values f.e. to support dual firmware
+ layouts on the flash.
+
config HAVE_PERF_EVENTS
bool
help
--- a/init/main.c
+++ b/init/main.c
@@ -352,6 +352,29 @@ static inline void setup_nr_cpu_ids(void
static inline void smp_prepare_cpus(unsigned int maxcpus) { }
#endif
+#ifdef CONFIG_MANGLE_BOOTARGS
+static void __init mangle_bootargs(char *command_line)
+{
+ char *rootdev;
+ char *rootfs;
+
+ rootdev = strstr(command_line, "root=/dev/mtdblock");
+
+ if (rootdev)
+ strncpy(rootdev, "mangled_rootblock=", 18);
+
+ rootfs = strstr(command_line, "rootfstype");
+
+ if (rootfs)
+ strncpy(rootfs, "mangled_fs", 10);
+
+}
+#else
+static void __init mangle_bootargs(char *command_line)
+{
+}
+#endif
+
/*
* We need to store the untouched command line for future reference.
* We also need to store the touched command line since the parameter
@@ -504,6 +527,7 @@ asmlinkage __visible void __init start_k
pr_notice("%s", linux_banner);
setup_arch(&command_line);
mm_init_cpumask(&init_mm);
+ mangle_bootargs(command_line);
setup_command_line(command_line);
setup_nr_cpu_ids();
setup_per_cpu_areas();