lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 20 Dec 2022 23:05:44 +0100 From: Ricardo Ribalda <ribalda@...omium.org> To: Philipp Rudo <prudo@...hat.com>, Eric Biederman <ebiederm@...ssion.com>, Jonathan Corbet <corbet@....net>, "Guilherme G. Piccoli" <gpiccoli@...lia.com> Cc: linux-doc@...r.kernel.org, Sergey Senozhatsky <senozhatsky@...omium.org>, Steven Rostedt <rostedt@...dmis.org>, linux-kernel@...r.kernel.org, "Joel Fernandes (Google)" <joel@...lfernandes.org>, Ricardo Ribalda <ribalda@...omium.org>, Ross Zwisler <zwisler@...nel.org>, kexec@...ts.infradead.org Subject: [PATCH v3 2/3] kexec: Factor out kexec_load_permitted Both syscalls (kexec and kexec_file) do the same check, lets factor it out. Signed-off-by: Ricardo Ribalda <ribalda@...omium.org> --- include/linux/kexec.h | 3 ++- kernel/kexec.c | 2 +- kernel/kexec_core.c | 11 ++++++++++- kernel/kexec_file.c | 2 +- 4 files changed, 14 insertions(+), 4 deletions(-) diff --git a/include/linux/kexec.h b/include/linux/kexec.h index 41a686996aaa..182e0c11b87b 100644 --- a/include/linux/kexec.h +++ b/include/linux/kexec.h @@ -406,7 +406,8 @@ extern int kimage_crash_copy_vmcoreinfo(struct kimage *image); extern struct kimage *kexec_image; extern struct kimage *kexec_crash_image; -extern int kexec_load_disabled; + +bool kexec_load_permitted(void); #ifndef kexec_flush_icache_page #define kexec_flush_icache_page(page) diff --git a/kernel/kexec.c b/kernel/kexec.c index cb8e6e6f983c..ce1bca874a8d 100644 --- a/kernel/kexec.c +++ b/kernel/kexec.c @@ -193,7 +193,7 @@ static inline int kexec_load_check(unsigned long nr_segments, int result; /* We only trust the superuser with rebooting the system. */ - if (!capable(CAP_SYS_BOOT) || kexec_load_disabled) + if (!kexec_load_permitted()) return -EPERM; /* Permit LSMs and IMA to fail the kexec */ diff --git a/kernel/kexec_core.c b/kernel/kexec_core.c index ca2743f9c634..a1efc70f4158 100644 --- a/kernel/kexec_core.c +++ b/kernel/kexec_core.c @@ -928,7 +928,7 @@ int kimage_load_segment(struct kimage *image, struct kimage *kexec_image; struct kimage *kexec_crash_image; -int kexec_load_disabled; +static int kexec_load_disabled; #ifdef CONFIG_SYSCTL static struct ctl_table kexec_core_sysctls[] = { { @@ -952,6 +952,15 @@ static int __init kexec_core_sysctl_init(void) late_initcall(kexec_core_sysctl_init); #endif +bool kexec_load_permitted(void) +{ + /* + * Only the superuser can use the kexec syscall and if it has not + * been disabled. + */ + return capable(CAP_SYS_BOOT) && !kexec_load_disabled; +} + /* * No panic_cpu check version of crash_kexec(). This function is called * only when panic_cpu holds the current CPU number; this is the only CPU diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c index 45637511e0de..29efa43ea951 100644 --- a/kernel/kexec_file.c +++ b/kernel/kexec_file.c @@ -330,7 +330,7 @@ SYSCALL_DEFINE5(kexec_file_load, int, kernel_fd, int, initrd_fd, struct kimage **dest_image, *image; /* We only trust the superuser with rebooting the system. */ - if (!capable(CAP_SYS_BOOT) || kexec_load_disabled) + if (!kexec_load_permitted()) return -EPERM; /* Make sure we have a legal set of flags */ -- 2.39.0.314.g84b9a713c41-goog-b4-0.11.0-dev-696ae
Powered by blists - more mailing lists