lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <152346398340.4030.1885177506676553618.stgit@warthog.procyon.org.uk>
Date:   Wed, 11 Apr 2018 17:26:23 +0100
From:   David Howells <dhowells@...hat.com>
To:     torvalds@...ux-foundation.org
Cc:     linux-man@...r.kernel.org, linux-api@...r.kernel.org,
        jmorris@...ei.org, linux-kernel@...r.kernel.org,
        dhowells@...hat.com, linux-security-module@...r.kernel.org
Subject: [PATCH 16/24] Prohibit PCMCIA CIS storage when the kernel is locked
 down

Prohibit replacement of the PCMCIA Card Information Structure when the
kernel is locked down.

Suggested-by: Dominik Brodowski <linux@...inikbrodowski.net>
Signed-off-by: David Howells <dhowells@...hat.com>
cc: linux-pcmcia@...ts.infradead.org
---

 drivers/pcmcia/cistpl.c |    3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/pcmcia/cistpl.c b/drivers/pcmcia/cistpl.c
index 102646fedb56..e46c948d7246 100644
--- a/drivers/pcmcia/cistpl.c
+++ b/drivers/pcmcia/cistpl.c
@@ -1578,6 +1578,9 @@ static ssize_t pccard_store_cis(struct file *filp, struct kobject *kobj,
 	struct pcmcia_socket *s;
 	int error;
 
+	if (kernel_is_locked_down("Direct PCMCIA CIS storage"))
+		return -EPERM;
+
 	s = to_socket(container_of(kobj, struct device, kobj));
 
 	if (off)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ