42b3050a74
CVE-2022-28736 CVE-2022-28735 CVE-2022-28734 CVE-2022-28733 CVE-2021-3697 CVE-2021-3696 CVE-2021-3695 Resolves: #2070688 Signed-off-by: Robbie Harwood <rharwood@redhat.com>
32 lines
1.3 KiB
Diff
32 lines
1.3 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Peter Jones <pjones@redhat.com>
|
|
Date: Thu, 24 Feb 2022 16:32:51 -0500
|
|
Subject: [PATCH] modules: make .module_license read-only
|
|
|
|
Currently .module_license is set writable (that is, the section has the
|
|
SHF_WRITE flag set) in the module's ELF headers. This probably never
|
|
actually matters, but it can't possibly be correct.
|
|
|
|
This patch sets that data as "const", which causes that flag not to be
|
|
set.
|
|
|
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
(cherry picked from commit 2eff3e2c9d9e6b75daa81b840c96f112ef7d5de6)
|
|
---
|
|
include/grub/dl.h | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/include/grub/dl.h b/include/grub/dl.h
|
|
index 20d870f2a4..618ae6f474 100644
|
|
--- a/include/grub/dl.h
|
|
+++ b/include/grub/dl.h
|
|
@@ -121,7 +121,7 @@ grub_mod_fini (void)
|
|
#define ATTRIBUTE_USED __unused__
|
|
#endif
|
|
#define GRUB_MOD_LICENSE(license) \
|
|
- static char grub_module_license[] __attribute__ ((section (GRUB_MOD_SECTION (module_license)), ATTRIBUTE_USED)) = "LICENSE=" license;
|
|
+ static const char grub_module_license[] __attribute__ ((section (GRUB_MOD_SECTION (module_license)), ATTRIBUTE_USED)) = "LICENSE=" license;
|
|
#define GRUB_MOD_DEP(name) \
|
|
static const char grub_module_depend_##name[] \
|
|
__attribute__((section(GRUB_MOD_SECTION(moddeps)), ATTRIBUTE_USED)) = #name
|