Skip to content

drivers/efuse/efuse: Multiple Drivers Are Registered With World Writable#19416

Merged
jerpelea merged 1 commit into
apache:masterfrom
catalinv-ncc:bug/Multiple_Drivers_Are_Registered_World_Writable_Permissions
Jul 13, 2026
Merged

drivers/efuse/efuse: Multiple Drivers Are Registered With World Writable#19416
jerpelea merged 1 commit into
apache:masterfrom
catalinv-ncc:bug/Multiple_Drivers_Are_Registered_World_Writable_Permissions

Conversation

@catalinv-ncc

@catalinv-ncc catalinv-ncc commented Jul 12, 2026

Copy link
Copy Markdown
Contributor

drivers/: Multiple Drivers Are Registered With World Writable

Summary

Permissions (Part 1)

Description:

In kernel builds, any unprivileged process running on the NuttX
device can open /dev/efuse and attempt to read/write fuse content.
Reading the fuses may provide valuable information to an attacker
controlling the user process. The write operation, in extreme cases
where the fuse blocks are not locked, may brick the device.

DISCLAIMER: I tried to be strict with the settings, better to relax them later if it's needed.

This is part of #19410

Impact

See #19410

Testing

Compiles ok.

@github-actions github-actions Bot added Arch: arm Issues related to ARM (32-bit) architecture Arch: renesas Issues related to the Renesas chips Arch: risc-v Issues related to the RISC-V (32-bit or 64-bit) architecture Arch: x86 Issues related to the x86 architecture Arch: xtensa Issues related to the Xtensa architecture Size: M The size of the change in this PR is medium Area: Audio Board: arm Board: mips labels Jul 12, 2026
@github-actions

github-actions Bot commented Jul 12, 2026

Copy link
Copy Markdown

MemBrowse Memory Report

No memory changes detected for:

@xiaoxiang781216

Copy link
Copy Markdown
Contributor

@catalinv-ncc please fix:

../nuttx/tools/checkpatch.sh -c -u -m -g  618119edb74520b5bf8aa456ea13760fda8a721c..HEAD
❌ Commit subject must be followed by a blank line

…Part 1)

Description:

In kernel builds, any unprivileged process running on the NuttX device
can open /dev/efuse and attempt to read/write fuse content. Reading the
fuses may provide valuable information to an attacker controlling the user
process. The write operation, in extreme cases where the fuse blocks are
not locked, may brick the device.

This is part of apache#19410

Compiles ok.

Signed-off-by: Catalin Visinescu <catalin_visinescu@yahoo.com>
@catalinv-ncc catalinv-ncc force-pushed the bug/Multiple_Drivers_Are_Registered_World_Writable_Permissions branch from 99423b4 to b442296 Compare July 12, 2026 16:00
@linguini1

Copy link
Copy Markdown
Contributor

This is a good find, but I think we need to at least test a few of these boards to make sure this doesn't break anything. Some of these changes are present on QEMU and sim, do you think you could test those targets?

@catalinv-ncc

catalinv-ncc commented Jul 12, 2026

Copy link
Copy Markdown
Contributor Author

This is a good find, but I think we need to at least test a few of these boards to make sure this doesn't break anything. Some of these changes are present on QEMU and sim, do you think you could test those targets?

Please list 3-4 of the best (most comprehensive) targets you think I should try, and I will. That being said, there is no reason these should be world writable.

@linguini1

Copy link
Copy Markdown
Contributor

Please list 3-4 of the best (most comprehensive) targets you think I should try, and I will. That being said, there is no reason these should be world writable.

I agree, this is mostly to identify issues so we could maybe even fix them to be compatible with the stricter permissions. I think the updated permissions are better!

I don't know what you have available to you, but I would say any of the STM32 targets maybe since they have a lot of the peripheral drivers that were modified. If you can run the example programs for the peripherals and they work then that would be sufficient to say nothing broke I would think. I.e. I2C utility, etc.

If not, testing the drivers you modified on QEMU would be easiest since it's all virtual. The simulator should also have some of these drivers.

@jerpelea jerpelea merged commit 8d2b71d into apache:master Jul 13, 2026
53 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Arch: arm Issues related to ARM (32-bit) architecture Arch: renesas Issues related to the Renesas chips Arch: risc-v Issues related to the RISC-V (32-bit or 64-bit) architecture Arch: x86 Issues related to the x86 architecture Arch: xtensa Issues related to the Xtensa architecture Area: Audio Board: arm Board: mips Size: M The size of the change in this PR is medium

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants