Linux v4.14-12375-g2dcd9c71c1ff

1 files changed, 15 insertions, 14 deletions

diff --git a/efi-lockdown.patch b/efi-lockdown.patch
index 6b5c43800..c99d85c12 100644
--- a/efi-lockdown.patch
+++ b/efi-lockdown.patch
@@ -1403,32 +1403,33 @@ cc: Matthew Garrett <matthew.garrett@nebula.com>
 cc: Thomas Gleixner <tglx@linutronix.de>
 ---
  fs/debugfs/file.c | 6 ++++++
- 1 file changed, 6 insertions(+)
 
+ 1 file changed, 6 insertions(+)
 diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c
-index 6dabc4a10396..32b5168a7e91 100644
+index cd12e6576b48..097be2a59c51 100644
 --- a/fs/debugfs/file.c
 +++ b/fs/debugfs/file.c
-@@ -103,6 +103,9 @@ static int open_proxy_open(struct inode *inode, struct file *filp)
+@@ -142,6 +142,10 @@ static int open_proxy_open(struct inode *inode, struct file *filp)
  	const struct file_operations *real_fops = NULL;
- 	int srcu_idx, r;
-
+ 	int r;
+ 
 +	if (kernel_is_locked_down("debugfs"))
 +		return -EPERM;
 +
- 	r = debugfs_use_file_start(dentry, &srcu_idx);
- 	if (r) {
- 		r = -ENOENT;
-@@ -232,6 +235,9 @@ static int full_proxy_open(struct inode *inode, struct file *filp)
++
+ 	r = debugfs_file_get(dentry);
+ 	if (r)
+ 		return r == -EIO ? -ENOENT : r;
+@@ -267,6 +271,9 @@ static int full_proxy_open(struct inode *inode, struct file *filp)
  	struct file_operations *proxy_fops = NULL;
- 	int srcu_idx, r;
-
+ 	int r;
+ 
 +	if (kernel_is_locked_down("debugfs"))
 +		return -EPERM;
 +
- 	r = debugfs_use_file_start(dentry, &srcu_idx);
- 	if (r) {
- 		r = -ENOENT;
+ 	r = debugfs_file_get(dentry);
+ 	if (r)
+ 		return r == -EIO ? -ENOENT : r;
 -- 
 2.13.6