diff options
author | Justin M. Forbes <jforbes@redhat.com> | 2016-12-14 12:50:48 -0600 |
---|---|---|
committer | Justin M. Forbes <jforbes@redhat.com> | 2016-12-14 12:50:48 -0600 |
commit | 962ea4f047b3b4b4360446be4289c4e4deb29551 (patch) | |
tree | 0a13142b9219114c8902cac2b45fe9c7abc96897 /ACPI-Limit-access-to-custom_method.patch | |
parent | b31b0fb7f4d47143f49fdbc50e7c0da678c0540b (diff) | |
download | kernel-962ea4f047b3b4b4360446be4289c4e4deb29551.tar.gz kernel-962ea4f047b3b4b4360446be4289c4e4deb29551.tar.xz kernel-962ea4f047b3b4b4360446be4289c4e4deb29551.zip |
Linux v4.9-7150-gcdb98c2
Diffstat (limited to 'ACPI-Limit-access-to-custom_method.patch')
-rw-r--r-- | ACPI-Limit-access-to-custom_method.patch | 31 |
1 files changed, 0 insertions, 31 deletions
diff --git a/ACPI-Limit-access-to-custom_method.patch b/ACPI-Limit-access-to-custom_method.patch deleted file mode 100644 index 44d2a004d..000000000 --- a/ACPI-Limit-access-to-custom_method.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 36d02761fc952f8190fca75bb4b81c2c7b7ddf68 Mon Sep 17 00:00:00 2001 -From: Matthew Garrett <matthew.garrett@nebula.com> -Date: Fri, 9 Mar 2012 08:39:37 -0500 -Subject: [PATCH 04/20] ACPI: Limit access to custom_method - -custom_method effectively allows arbitrary access to system memory, making -it possible for an attacker to circumvent restrictions on module loading. -Disable it if any such restrictions have been enabled. - -Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com> ---- - drivers/acpi/custom_method.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/drivers/acpi/custom_method.c b/drivers/acpi/custom_method.c -index c68e72414a67..4277938af700 100644 ---- a/drivers/acpi/custom_method.c -+++ b/drivers/acpi/custom_method.c -@@ -29,6 +29,9 @@ static ssize_t cm_write(struct file *file, const char __user * user_buf, - struct acpi_table_header table; - acpi_status status; - -+ if (secure_modules()) -+ return -EPERM; -+ - if (!(*ppos)) { - /* parse the table header to get the table length */ - if (count <= sizeof(struct acpi_table_header)) --- -2.9.3 - |