[PATCH openEuler-1.0-LTS] dm verity: set DM_TARGET_IMMUTABLE feature flag

From: Sarthak Kukreti sarthakkukreti@google.com

stable inclusion from stable-4.19.246 commit 6bff6107d1364c95109609c3fd680e6c8d7fa503 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/I5M4ZO CVE: CVE-2022-2503

--------------------------------

commit 4caae58406f8ceb741603eee460d79bacca9b1b5 upstream.

The device-mapper framework provides a mechanism to mark targets as immutable (and hence fail table reloads that try to change the target type). Add the DM_TARGET_IMMUTABLE flag to the dm-verity target's feature flags to prevent switching the verity target with a different target type.

Fixes: a4ffc152198e ("dm: add verity target") Cc: stable@vger.kernel.org Signed-off-by: Sarthak Kukreti sarthakkukreti@google.com Reviewed-by: Kees Cook keescook@chromium.org Signed-off-by: Mike Snitzer snitzer@kernel.org Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org Signed-off-by: Luo Meng luomeng12@huawei.com

Conflicts: drivers/md/dm-verity-target.c Reviewed-by: Xiu Jianfeng xiujianfeng@huawei.com Reviewed-by: Zhang Xiaoxu zhangxiaoxu5@huawei.com Signed-off-by: Yongqiang Liu liuyongqiang13@huawei.com --- drivers/md/dm-verity-target.c | 1 + 1 file changed, 1 insertion(+)

diff --git a/drivers/md/dm-verity-target.c b/drivers/md/dm-verity-target.c index f4221c4e8d3d..e6dd19d14cde 100644 --- a/drivers/md/dm-verity-target.c +++ b/drivers/md/dm-verity-target.c @@ -1242,6 +1242,7 @@ static int verity_ctr(struct dm_target *ti, unsigned argc, char **argv)

static struct target_type verity_target = { .name = "verity", + .features = DM_TARGET_IMMUTABLE, .version = {1, 5, 0}, .module = THIS_MODULE, .ctr = verity_ctr,