From: Matthew Garrett <matthew.garrett@nebula.com>
Date: Fri, 9 Aug 2013 03:33:56 -0400
Subject: [PATCH] kexec: Disable at runtime if the kernel enforces module
 loading restrictions
kexec permits the loading and execution of arbitrary code in ring 0, which
is something that module signing enforcement is meant to prevent. It makes
sense to disable kexec whenever module signature enforcement is active.
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
---
 kernel/kexec.c | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/kernel/kexec.c b/kernel/kexec.c
index 2bee072268d9..891477dbfee0 100644
--- a/kernel/kexec.c
+++ b/kernel/kexec.c
@@ -36,6 +36,7 @@
 #include <linux syscore_ops.h="">
 #include <linux compiler.h="">
 #include <linux hugetlb.h="">
+#include <linux module.h="">
 
 #include <asm page.h="">
 #include <asm uaccess.h="">
@@ -1251,6 +1252,13 @@ SYSCALL_DEFINE4(kexec_load, unsigned long, entry, unsigned long, nr_segments,
 		return -EPERM;
 
 	/*
+	 * kexec can be used to circumvent module loading restrictions, so
+	 * prevent loading in that case
+	 */
+	if (secure_modules())
+		return -EPERM;
+
+	/*
 	 * Verify we have a legal set of flags
 	 * This leaves us room for future extensions.
 	 */
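Review bot: The new check denies every kexec_load call, including crash-kernel (kdump) loads made through this same syscall, and returns the same -EPERM as the check whose return is visible at the top of the hunk (presumably the CAP_SYS_BOOT test), so userspace cannot distinguish a policy denial from a missing capability. The policy is defensible because kexec_load takes raw segments and verifies nothing about them, but the two-line comment should say that and name the kdump consequence, e.g. `/* kexec_load verifies nothing about the segments it is given, so with module signature enforcement active it would allow unsigned ring-0 code; deny it (crash-kernel loads included) until a verified-image path exists. */`. A `pr_notice_once()` before the return would let an administrator see why kdump setup failed rather than chasing a bare EPERM. secure_modules() is not declared anywhere in this patch, so I assume it is introduced by another patch in the series. SYSCALL_DEFINE4(kexec_load) begins before this hunk and continues after it.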
-- 
1.9.3