summaryrefslogtreecommitdiffstats
path: root/x86-Lock-down-IO-port-access-when-module-security-is.patch
diff options
context:
space:
mode:
authorJosh Boyer <jwboyer@fedoraproject.org>2016-03-24 15:20:33 -0400
committerJosh Boyer <jwboyer@fedoraproject.org>2016-03-24 15:20:33 -0400
commit6a44257de77a5136f6717b7f313a77b3ca73b310 (patch)
tree32a366304a608e8304350861c20df15bbbea8c11 /x86-Lock-down-IO-port-access-when-module-security-is.patch
parentea3aaf7b014b4bd0237dd42603f56c30730f6a0d (diff)
downloadkernel-6a44257de77a5136f6717b7f313a77b3ca73b310.tar.gz
kernel-6a44257de77a5136f6717b7f313a77b3ca73b310.tar.xz
kernel-6a44257de77a5136f6717b7f313a77b3ca73b310.zip
Linux v4.5-12257-g8b97be054572
- staging, timers, perf, irq, x86, sched, locking merges
Diffstat (limited to 'x86-Lock-down-IO-port-access-when-module-security-is.patch')
-rw-r--r--x86-Lock-down-IO-port-access-when-module-security-is.patch15
1 files changed, 7 insertions, 8 deletions
diff --git a/x86-Lock-down-IO-port-access-when-module-security-is.patch b/x86-Lock-down-IO-port-access-when-module-security-is.patch
index 708006c2e..185b1da99 100644
--- a/x86-Lock-down-IO-port-access-when-module-security-is.patch
+++ b/x86-Lock-down-IO-port-access-when-module-security-is.patch
@@ -1,8 +1,7 @@
-From 7a3cdd26e6d38031338a6cb591ec2f3faaa9234b Mon Sep 17 00:00:00 2001
+From 8010b5eb4680df797575e6306d4d891200e303ab Mon Sep 17 00:00:00 2001
From: Matthew Garrett <matthew.garrett@nebula.com>
Date: Thu, 8 Mar 2012 10:35:59 -0500
-Subject: [PATCH 03/20] x86: Lock down IO port access when module security is
- enabled
+Subject: [PATCH] x86: Lock down IO port access when module security is enabled
IO port access would permit users to gain access to PCI configuration
registers, which in turn (on a lot of hardware) give access to MMIO register
@@ -16,7 +15,7 @@ Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kernel/ioport.c b/arch/x86/kernel/ioport.c
-index 37dae792dbbe..1ecc03ca3c15 100644
+index 589b3193f102..ab8372443efb 100644
--- a/arch/x86/kernel/ioport.c
+++ b/arch/x86/kernel/ioport.c
@@ -15,6 +15,7 @@
@@ -36,7 +35,7 @@ index 37dae792dbbe..1ecc03ca3c15 100644
return -EPERM;
/*
-@@ -103,7 +104,7 @@ SYSCALL_DEFINE1(iopl, unsigned int, level)
+@@ -108,7 +109,7 @@ SYSCALL_DEFINE1(iopl, unsigned int, level)
return -EINVAL;
/* Trying to gain more privileges? */
if (level > old) {
@@ -44,9 +43,9 @@ index 37dae792dbbe..1ecc03ca3c15 100644
+ if (!capable(CAP_SYS_RAWIO) || secure_modules())
return -EPERM;
}
- regs->flags = (regs->flags & ~X86_EFLAGS_IOPL) | (level << 12);
+ regs->flags = (regs->flags & ~X86_EFLAGS_IOPL) |
diff --git a/drivers/char/mem.c b/drivers/char/mem.c
-index 6b1721f978c2..53fe675f9bd7 100644
+index 71025c2f6bbb..86e5bfa91563 100644
--- a/drivers/char/mem.c
+++ b/drivers/char/mem.c
@@ -27,6 +27,7 @@
@@ -68,5 +67,5 @@ index 6b1721f978c2..53fe675f9bd7 100644
return -EFAULT;
while (count-- > 0 && i < 65536) {
--
-2.4.3
+2.5.5