6a91557e4c
Do a couple things here: - Split the mega-patches into individual patches. Should help with rebasing. - Make all patches 'git am' acceptable. There should be no functional or actual code differences from before
From b5eb26c8283e04ddc93419c4403442a3dae1c581 Mon Sep 17 00:00:00 2001
From: Matthew Garrett <matthew.garrett@nebula.com>
Date: Fri, 9 Mar 2012 09:28:15 -0500
Subject: [PATCH] Restrict /dev/mem and /dev/kmem when module loading is
restricted
Allowing users to write to address space makes it possible for the kernel
to be subverted, avoiding module loading restrictions. Prevent this when
any restrictions have been imposed on loading modules.
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
---
drivers/char/mem.c | 6 ++++++
1 file changed, 6 insertions(+)
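diff --git a/drivers/char/mem.c b/drivers/char/mem.c
index cdf839f9defe..c63cf93b00eb 100644
--- a/drivers/char/mem.c
+++ b/drivers/char/mem.c
@@ -164,6 +164,9 @@ static ssize_t write_mem(struct file *file, const char __user *buf,
 if (p != *ppos)
 return -EFBIG;
 
+ if (secure_modules())
+ return -EPERM;
+
 if (!valid_phys_addr_range(p, count))
 return -EFAULT;
 
@@ -502,6 +505,9 @@ static ssize_t write_kmem(struct file *file, const char __user *buf,
 char *kbuf; /* k-addr because vwrite() takes vmlist_lock rwlock */
 int err = 0;
 
+ if (secure_modules())
+ return -EPERM;
+
 if (p < (unsigned long) high_memory) {
 unsigned long to_write = min_t(unsigned long, count,
 (unsigned long)high_memory - p);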
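Review bot: The new `secure_modules()` guards cover only the write() entry points, `write_mem` and `write_kmem`; a writable mapping of /dev/mem would go through the device's mmap handler, which this patch does not touch, so the restriction presumably still relies on whatever that path enforces on its own (for example CONFIG_STRICT_DEVMEM, if enabled). Consider either adding the same `if (secure_modules()) return -EPERM;` check to the mmap path for writable mappings or refusing write-capable opens once at open time, so every route to these devices is covered by one policy decision. A smaller point: in `write_mem` the check sits after the `p != *ppos` test, so a caller can see -EFBIG instead of -EPERM, whereas `write_kmem` checks first; putting it first in both, with a one-line comment such as `/* writes to memory could bypass module-loading restrictions */`, would make the intent and the error code consistent. Both function bodies begin and end outside the visible hunks, so the surrounding paths could not be verified from this page.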
--
1.9.3