-
Mika Westerberg authored
Firmware upgrade tools that decide which NVM image should be uploaded to the Thunderbolt controller need to access active parts of the NVM even if they are not run as root. The information in active NVM is not considered security critical so we can use the default permissions set by the NVMem framework. Writing the NVM image is still left as root only operation. While there mark the active NVM as read-only in the filesystem. Reported-by: Yehezkel Bernat <yehezkel.bernat@intel.com> Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com> Signed-off-by: Andreas Noever <andreas.noever@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
800161bd