dbc4a9b
From: Matthew Garrett <matthew.garrett@nebula.com>
dbc4a9b
Date: Fri, 9 Aug 2013 03:33:56 -0400
dbc4a9b
Subject: [PATCH] kexec: Disable at runtime if the kernel enforces module
dbc4a9b
 loading restrictions
dbc4a9b
dbc4a9b
kexec permits the loading and execution of arbitrary code in ring 0, which
dbc4a9b
is something that module signing enforcement is meant to prevent. It makes
dbc4a9b
sense to disable kexec in this situation.
dbc4a9b
dbc4a9b
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
dbc4a9b
---
dbc4a9b
 kernel/kexec.c | 8 ++++++++
dbc4a9b
 1 file changed, 8 insertions(+)
dbc4a9b
dbc4a9b
diff --git a/kernel/kexec.c b/kernel/kexec.c
2f08a80
index 38c25b1f2fd5..f2b5272156ce 100644
dbc4a9b
--- a/kernel/kexec.c
dbc4a9b
+++ b/kernel/kexec.c
dbc4a9b
@@ -36,6 +36,7 @@
dbc4a9b
 #include <linux/syscore_ops.h>
dbc4a9b
 #include <linux/compiler.h>
dbc4a9b
 #include <linux/hugetlb.h>
dbc4a9b
+#include <linux/module.h>
dbc4a9b
 
dbc4a9b
 #include <asm/page.h>
dbc4a9b
 #include <asm/uaccess.h>
2f08a80
@@ -1247,6 +1248,13 @@ SYSCALL_DEFINE4(kexec_load, unsigned long, entry, unsigned long, nr_segments,
dbc4a9b
 		return -EPERM;
dbc4a9b
 
dbc4a9b
 	/*
dbc4a9b
+	 * kexec can be used to circumvent module loading restrictions, so
dbc4a9b
+	 * prevent loading in that case
dbc4a9b
+	 */
dbc4a9b
+	if (secure_modules())
dbc4a9b
+		return -EPERM;
dbc4a9b
+
dbc4a9b
+	/*
dbc4a9b
 	 * Verify we have a legal set of flags
dbc4a9b
 	 * This leaves us room for future extensions.
dbc4a9b
 	 */