dm verity: set DM_TARGET_IMMUTABLE feature flag

stable inclusion
from stable-4.19.246
commit 6bff6107d1364c95109609c3fd680e6c8d7fa503
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I5M4ZO
CVE: CVE-2022-2503

--------------------------------

commit 4caae584 upstream.

The device-mapper framework provides a mechanism to mark targets as
immutable (and hence fail table reloads that try to change the target
type). Add the DM_TARGET_IMMUTABLE flag to the dm-verity target's
feature flags to prevent switching the verity target with a different
target type.

Fixes: a4ffc152 ("dm: add verity target")
Cc: stable@vger.kernel.org
Signed-off-by: NSarthak Kukreti <sarthakkukreti@google.com>
Reviewed-by: NKees Cook <keescook@chromium.org>
Signed-off-by: NMike Snitzer <snitzer@kernel.org>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: NLuo Meng <luomeng12@huawei.com>

Conflicts:
	drivers/md/dm-verity-target.c
Reviewed-by: NXiu Jianfeng <xiujianfeng@huawei.com>
Reviewed-by: NZhang Xiaoxu <zhangxiaoxu5@huawei.com>
Signed-off-by: NYongqiang Liu <liuyongqiang13@huawei.com>

drivers/md/dm-verity-target.c

@@ -1242,6 +1242,7 @@ static int verity_ctr(struct dm_target *ti, unsigned argc, char **argv)
 
 static struct target_type verity_target = {
 	.name		= "verity",
+	.features	= DM_TARGET_IMMUTABLE,
 	.version	= {1, 5, 0},
 	.module		= THIS_MODULE,
 	.ctr		= verity_ctr,