Blame kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch
|
 |
ea38f2f |
From 85968a9f0b3f05c56d4ac4002748f3412a9baab0 Mon Sep 17 00:00:00 2001
|
|
|
6a91557 |
From: Matthew Garrett <matthew.garrett@nebula.com>
|
|
|
6a91557 |
Date: Fri, 9 Aug 2013 03:33:56 -0400
|
|
|
ea38f2f |
Subject: [PATCH 08/20] kexec: Disable at runtime if the kernel enforces module
|
|
|
6a91557 |
loading restrictions
|
|
|
6a91557 |
|
|
|
6a91557 |
kexec permits the loading and execution of arbitrary code in ring 0, which
|
|
|
6a91557 |
is something that module signing enforcement is meant to prevent. It makes
|
|
|
6a91557 |
sense to disable kexec in this situation.
|
|
|
6a91557 |
|
|
|
6a91557 |
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
|
|
|
6a91557 |
---
|
|
|
6a91557 |
kernel/kexec.c | 8 ++++++++
|
|
|
6a91557 |
1 file changed, 8 insertions(+)
|
|
|
6a91557 |
|
|
|
6a91557 |
diff --git a/kernel/kexec.c b/kernel/kexec.c
|
|
|
ea38f2f |
index 980936a90ee6..fce28bf7d5d7 100644
|
|
|
6a91557 |
--- a/kernel/kexec.c
|
|
|
6a91557 |
+++ b/kernel/kexec.c
|
|
|
ea38f2f |
@@ -12,6 +12,7 @@
|
|
|
d6943bf |
#include <linux/mm.h>
|
|
|
d6943bf |
#include <linux/file.h>
|
|
|
d6943bf |
#include <linux/kexec.h>
|
|
|
6a91557 |
+#include <linux/module.h>
|
|
|
d6943bf |
#include <linux/mutex.h>
|
|
|
d6943bf |
#include <linux/list.h>
|
|
|
d6943bf |
#include <linux/syscalls.h>
|
|
|
ea38f2f |
@@ -194,6 +195,13 @@ SYSCALL_DEFINE4(kexec_load, unsigned long, entry, unsigned long, nr_segments,
|
|
|
6a91557 |
return -EPERM;
|
|
|
6a91557 |
|
|
|
6a91557 |
/*
|
|
|
6a91557 |
+ * kexec can be used to circumvent module loading restrictions, so
|
|
|
6a91557 |
+ * prevent loading in that case
|
|
|
6a91557 |
+ */
|
|
|
6a91557 |
+ if (secure_modules())
|
|
|
6a91557 |
+ return -EPERM;
|
|
|
6a91557 |
+
|
|
|
6a91557 |
+ /*
|
|
|
6a91557 |
* Verify we have a legal set of flags
|
|
|
6a91557 |
* This leaves us room for future extensions.
|
|
|
6a91557 |
*/
|
|
|
18c8249 |
--
|
|
|
ea38f2f |
2.9.3
|
|
|
18c8249 |
|