From: Matthew Garrett <[email protected]> kexec permits the loading and execution of arbitrary code in ring 0, which is something that module signing enforcement is meant to prevent. It makes sense to disable kexec in this situation.
Signed-off-by: Matthew Garrett <[email protected]> --- kernel/kexec.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/kernel/kexec.c b/kernel/kexec.c index 980936a90ee6..fce28bf7d5d7 100644 --- a/kernel/kexec.c +++ b/kernel/kexec.c @@ -12,6 +12,7 @@ #include <linux/mm.h> #include <linux/file.h> #include <linux/kexec.h> +#include <linux/module.h> #include <linux/mutex.h> #include <linux/list.h> #include <linux/syscalls.h> @@ -194,6 +195,13 @@ SYSCALL_DEFINE4(kexec_load, unsigned long, entry, unsigned long, nr_segments, return -EPERM; /* + * kexec can be used to circumvent module loading restrictions, so + * prevent loading in that case + */ + if (secure_modules()) + return -EPERM; + + /* * Verify we have a legal set of flags * This leaves us room for future extensions. */ -- 2.9.3 _______________________________________________ kernel mailing list -- [email protected] To unsubscribe send an email to [email protected]
