diff options
Diffstat (limited to 'asus-wmi-Restrict-debugfs-interface-when-module-load.patch')
-rw-r--r-- | asus-wmi-Restrict-debugfs-interface-when-module-load.patch | 54 |
1 files changed, 0 insertions, 54 deletions
diff --git a/asus-wmi-Restrict-debugfs-interface-when-module-load.patch b/asus-wmi-Restrict-debugfs-interface-when-module-load.patch deleted file mode 100644 index 3ab7b85ea..000000000 --- a/asus-wmi-Restrict-debugfs-interface-when-module-load.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 32f701d40657cc3c982b8cba4bf73452ccdd6697 Mon Sep 17 00:00:00 2001 -From: Matthew Garrett <matthew.garrett@nebula.com> -Date: Fri, 9 Mar 2012 08:46:50 -0500 -Subject: [PATCH 05/20] asus-wmi: Restrict debugfs interface when module - loading is restricted - -We have no way of validating what all of the Asus WMI methods do on a -given machine, and there's a risk that some will allow hardware state to -be manipulated in such a way that arbitrary code can be executed in the -kernel, circumventing module loading restrictions. Prevent that if any of -these features are enabled. - -Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com> ---- - drivers/platform/x86/asus-wmi.c | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff --git a/drivers/platform/x86/asus-wmi.c b/drivers/platform/x86/asus-wmi.c -index efbc3f0c592b..071171be4b7f 100644 ---- a/drivers/platform/x86/asus-wmi.c -+++ b/drivers/platform/x86/asus-wmi.c -@@ -1868,6 +1868,9 @@ static int show_dsts(struct seq_file *m, void *data) - int err; - u32 retval = -1; - -+ if (secure_modules()) -+ return -EPERM; -+ - err = asus_wmi_get_devstate(asus, asus->debug.dev_id, &retval); - - if (err < 0) -@@ -1884,6 +1887,9 @@ static int show_devs(struct seq_file *m, void *data) - int err; - u32 retval = -1; - -+ if (secure_modules()) -+ return -EPERM; -+ - err = asus_wmi_set_devstate(asus->debug.dev_id, asus->debug.ctrl_param, - &retval); - -@@ -1908,6 +1914,9 @@ static int show_call(struct seq_file *m, void *data) - union acpi_object *obj; - acpi_status status; - -+ if (secure_modules()) -+ return -EPERM; -+ - status = wmi_evaluate_method(ASUS_WMI_MGMT_GUID, - 1, asus->debug.method_id, - &input, &output); --- -2.4.3 - |