kexec: Disable at runtime if the kernel enforces module loading restrictions

BugLink: http://bugs.launchpad.net/bugs/1566221 kexec permits the loading and execution of arbitrary code in ring 0, which is something that module signing enforcement is meant to prevent. It makes sense to disable kexec in this situation. Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com> Signed-off-by: Tim Gardner <tim.gardner@canonical.com>

kexec: Disable at runtime if the kernel enforces module loading restrictions
BugLink: http://bugs.launchpad.net/bugs/1566221 kexec permits the loading and execution of arbitrary code in ring 0, which is something that module signing enforcement is meant to prevent. It makes sense to disable kexec in this situation. Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com> Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
17c953d3 · Matthew Garrett · Tim Gardner · 3ee9b6b1 · 17c953d3
Commit 17c953d3 authored Nov 19, 2015 by Matthew Garrett Committed by Tim Gardner Apr 06, 2016
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 1 deletion

kernel/kexec.c kernel/kexec.c +2 -1

No files found.
--- a/kernel/kexec.c
+++ b/kernel/kexec.c
@@ -17,6 +17,7 @@
 #include <linux/syscalls.h>
 #include <linux/vmalloc.h>
 #include <linux/slab.h>
+#include <linux/module.h>

 #include "kexec_internal.h"

@@ -131,7 +132,7 @@ SYSCALL_DEFINE4(kexec_load, unsigned long, entry, unsigned long, nr_segments,
 	int result;

 	/* We only trust the superuser with rebooting the system. */
-	if (!capable(CAP_SYS_BOOT) || kexec_load_disabled)
+	if (!capable(CAP_SYS_BOOT) || kexec_load_disabled || secure_modules())
 		return -EPERM;

 	/*