Fastboot OEM commands allow to execute arbitrary commands via fastboot, so add a security policy for it to limit access to this functionality.
Signed-off-by: Sascha Hauer <[email protected]> --- common/Sconfig | 4 ++++ common/fastboot.c | 6 ++++++ 2 files changed, 10 insertions(+) diff --git a/common/Sconfig b/common/Sconfig index edbc4bc028af79e2a72bb86de94ecce5c7b7643d..9142685a1d3f9846e69b746e545420eab5935661 100644 --- a/common/Sconfig +++ b/common/Sconfig @@ -6,6 +6,10 @@ config RATP bool "Allow remote control via RATP" depends on $(kconfig-enabled,CONSOLE_RATP) +config FASTBOOT_CMD_OEM + bool "Allow Fastboot OEM commands" + depends on $(kconfig-enabled,FASTBOOT_CMD_OEM) + endmenu menu "Boot Policy" diff --git a/common/fastboot.c b/common/fastboot.c index 603391de77392aa7e1e61e32fd1844642f8ea42c..5c83b102e13909d49401ce03f9a98c6077894ee0 100644 --- a/common/fastboot.c +++ b/common/fastboot.c @@ -42,6 +42,7 @@ #include <linux/types.h> #include <linux/stat.h> #include <linux/mtd/mtd.h> +#include <security/config.h> #include <fastboot.h> #include <system-partitions.h> @@ -966,6 +967,11 @@ static void __maybe_unused cb_oem(struct fastboot *fb, const char *cmd) { pr_debug("%s: \"%s\"\n", __func__, cmd); + if (!IS_ALLOWED(SCONFIG_FASTBOOT_CMD_OEM)) { + fastboot_tx_print(fb, FASTBOOT_MSG_FAIL, "OEM commands not allowed"); + return; + } + fb_run_command(fb, cmd, cmd_oem_dispatch_info, ARRAY_SIZE(cmd_oem_dispatch_info)); } -- 2.39.5
