xref: /OK3568_Linux_fs/buildroot/boot/grub2/0043-commands-hdparm-Restrict-hdparm-command-when-locked-.patch (revision 4882a59341e53eb6f0b4789bf948001014eff981)

From 5c97492a29c6063567b65ed1a069f5e6f4e211f0 Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Wed, 24 Feb 2021 12:59:29 +0100
Subject: [PATCH] commands/hdparm: Restrict hdparm command when locked down

The command can be used to get/set ATA disk parameters. Some of these can
be dangerous since change the disk behavior. Restrict it when locked down.

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
 grub-core/commands/hdparm.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/grub-core/commands/hdparm.c b/grub-core/commands/hdparm.c
index d3fa966..2e2319e 100644
--- a/grub-core/commands/hdparm.c
+++ b/grub-core/commands/hdparm.c
@@ -436,9 +436,9 @@ static grub_extcmd_t cmd;

 GRUB_MOD_INIT(hdparm)
 {
-  cmd = grub_register_extcmd ("hdparm", grub_cmd_hdparm, 0,
-			      N_("[OPTIONS] DISK"),
-			      N_("Get/set ATA disk parameters."), options);
+  cmd = grub_register_extcmd_lockdown ("hdparm", grub_cmd_hdparm, 0,
+				       N_("[OPTIONS] DISK"),
+				       N_("Get/set ATA disk parameters."), options);
 }

 GRUB_MOD_FINI(hdparm)
--
2.14.2