Do a couple things here: - Split the mega-patches into individual patches. Should help with rebasing. - Make all patches 'git am' acceptable. There should be no functional or actual code differences from before
From d27eea3ac26af4673f829ab50c90f8879715d739 Mon Sep 17 00:00:00 2001
From: Matthew Garrett <matthew.garrett@nebula.com>
Date: Thu, 8 Mar 2012 10:35:59 -0500
Subject: [PATCH] x86: Lock down IO port access when module security is enabled
IO port access would permit users to gain access to PCI configuration
registers, which in turn (on a lot of hardware) give access to MMIO register
space. This would potentially permit root to trigger arbitrary DMA, so lock
it down by default.
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
---
arch/x86/kernel/ioport.c | 5 +++--
drivers/char/mem.c | 4 ++++
2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kernel/ioport.c b/arch/x86/kernel/ioport.c
index 4ddaf66ea35f..00b440307419 100644
--- a/arch/x86/kernel/ioport.c
+++ b/arch/x86/kernel/ioport.c
@@ -15,6 +15,7 @@
#include <linux/thread_info.h>
#include <linux/syscalls.h>
#include <linux/bitmap.h>
+#include <linux/module.h>
#include <asm/syscalls.h>
/*
@@ -28,7 +29,7 @@ asmlinkage long sys_ioperm(unsigned long from, unsigned long num, int turn_on)
if ((from + num <= from) || (from + num > IO_BITMAP_BITS))
return -EINVAL;
- if (turn_on && !capable(CAP_SYS_RAWIO))
+ if (turn_on && (!capable(CAP_SYS_RAWIO) || secure_modules()))
return -EPERM;
/*
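Review bot: Folding `secure_modules()` into the same condition as `capable(CAP_SYS_RAWIO)` makes a lockdown refusal indistinguishable from a missing capability, and `capable()` is still evaluated first (with whatever auditing it performs, which is not visible here) even when the request would be refused for lockdown anyway. The mem.c hunk in this same patch tests `secure_modules()` as a standalone statement; doing the same here, `if (turn_on && secure_modules()) return -EPERM;` ahead of the existing capability test, keeps the two sites consistent and leaves room for a one-line comment stating why port access is refused. The iopl hunk below has the same shape and the same remark applies there. sys_ioperm's body continues outside the hunk.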
@@ -103,7 +104,7 @@ SYSCALL_DEFINE1(iopl, unsigned int, level)
return -EINVAL;
/* Trying to gain more privileges? */
if (level > old) {
- if (!capable(CAP_SYS_RAWIO))
+ if (!capable(CAP_SYS_RAWIO) || secure_modules())
return -EPERM;
}
regs->flags = (regs->flags & ~X86_EFLAGS_IOPL) | (level << 12);
diff --git a/drivers/char/mem.c b/drivers/char/mem.c
index 917403fe10da..cdf839f9defe 100644
--- a/drivers/char/mem.c
+++ b/drivers/char/mem.c
@@ -27,6 +27,7 @@
#include <linux/export.h>
#include <linux/io.h>
#include <linux/aio.h>
+#include <linux/module.h>
#include <asm/uaccess.h>
@@ -568,6 +569,9 @@ static ssize_t write_port(struct file *file, const char __user *buf,
unsigned long i = *ppos;
const char __user *tmp = buf;
+ if (secure_modules())
+ return -EPERM;
+
if (!access_ok(VERIFY_READ, buf, count))
return -EFAULT;
while (count-- > 0 && i < 65536) {
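Review bot: The new `secure_modules()` refusal at the top of write_port carries no comment, so a reader of mem.c cannot tell why port writes in particular are blocked; the rationale from the commit message belongs next to the check, e.g. `/* Port writes can reach PCI config space and from there MMIO/DMA; refuse them when modules are locked down. */`. Placing the check before `access_ok()` is reasonable since no user memory is touched first, but it also means a zero-length write now returns -EPERM where it presumably returned 0 before — likely acceptable, but worth stating. Only write_port is changed in this file; if reads from the port device are intentionally left open under lockdown, that decision should be recorded in the description. The function continues outside the hunk.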
--
1.9.3