webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-05-10 09:18:25 +02:00
Code Issues Packages Projects Releases Wiki Activity

linux: Disable LSM for /dev/io port access

Browse Source 
flashrom needs access to /dev/io ports for flashing firmware, a
functionality we cannot cease to support. Therefore, LSM constraints are
disabled for ioport.c, hopefully permitting us to keep it enabled.

Reported-by: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
This commit is contained in:
Peter Müller
2022-04-19 13:57:35 +00:00
parent 1a4e1bc320
commit 5b966f1b0a
2 changed files with 33 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lfs/linux
View File

@@ -143,6 +143,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
# https://bugzilla.ipfire.org/show_bug.cgi?id=12760
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-5.15-NFQUEUE-Hold-RCU-read-lock-while-calling-nf_reinject.patch
# Unfortunately, /dev/io access is needed for firmware flashing; patch out LSM part in ioport.c
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-5.15.32-disable_lsm_for_ioport_access.patch
ifeq "$(BUILD_ARCH)" "armv6l"
# Apply Arm-multiarch kernel patches.
cd $(DIR_APP) && xzcat $(DIR_DL)/arm-multi-patches-$(ARM_PATCHES).patch.xz | patch -Np1