diff options
Diffstat (limited to 'asus-wmi-Restrict-debugfs-interface-when-module-load.patch')
| -rw-r--r-- | asus-wmi-Restrict-debugfs-interface-when-module-load.patch | 54 |
1 files changed, 0 insertions, 54 deletions
diff --git a/asus-wmi-Restrict-debugfs-interface-when-module-load.patch b/asus-wmi-Restrict-debugfs-interface-when-module-load.patch deleted file mode 100644 index 7e70e4f1a..000000000 --- a/asus-wmi-Restrict-debugfs-interface-when-module-load.patch +++ /dev/null @@ -1,54 +0,0 @@ -From ebbd8d01acdf472594f7e43e9a4274745c402e8e Mon Sep 17 00:00:00 2001 -From: Matthew Garrett <matthew.garrett@nebula.com> -Date: Fri, 9 Mar 2012 08:46:50 -0500 -Subject: [PATCH 05/20] asus-wmi: Restrict debugfs interface when module - loading is restricted - -We have no way of validating what all of the Asus WMI methods do on a -given machine, and there's a risk that some will allow hardware state to -be manipulated in such a way that arbitrary code can be executed in the -kernel, circumventing module loading restrictions. Prevent that if any of -these features are enabled. - -Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com> ---- - drivers/platform/x86/asus-wmi.c | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff --git a/drivers/platform/x86/asus-wmi.c b/drivers/platform/x86/asus-wmi.c -index ce6ca31a2d09..55d23994d6a2 100644 ---- a/drivers/platform/x86/asus-wmi.c -+++ b/drivers/platform/x86/asus-wmi.c -@@ -1872,6 +1872,9 @@ static int show_dsts(struct seq_file *m, void *data) - int err; - u32 retval = -1; - -+ if (secure_modules()) -+ return -EPERM; -+ - err = asus_wmi_get_devstate(asus, asus->debug.dev_id, &retval); - - if (err < 0) -@@ -1888,6 +1891,9 @@ static int show_devs(struct seq_file *m, void *data) - int err; - u32 retval = -1; - -+ if (secure_modules()) -+ return -EPERM; -+ - err = asus_wmi_set_devstate(asus->debug.dev_id, asus->debug.ctrl_param, - &retval); - -@@ -1912,6 +1918,9 @@ static int show_call(struct seq_file *m, void *data) - union acpi_object *obj; - acpi_status status; - -+ if (secure_modules()) -+ return -EPERM; -+ - status = wmi_evaluate_method(ASUS_WMI_MGMT_GUID, - 1, asus->debug.method_id, - &input, &output); --- -2.9.3 - |