kernel / kernel-source

Clone
Source Code
GIT

Files

  1.   6f01e8cfb4a016c4c2f3182bf84155a030cbcadf
  2.   patches.suse
  3.   0003-PCI-Lock-down-BAR-access-when-securelevel-is-enabled.patch
Blob Blame History Raw 
From 38b996dcbe18ad534ef11d3641082d7165438f4c Mon Sep 17 00:00:00 2001
From: Matthew Garrett <mjg59@srcf.ucam.org>
Date: Thu, 8 Mar 2012 10:10:38 -0500
Subject: [PATCH 03/16] PCI: Lock down BAR access when securelevel is enabled

Patch-mainline: Queued in subsystem maintainer repository
Git-repo: https://github.com/mjg59/linux
Git-commit: 38b996dcbe18ad534ef11d3641082d7165438f4c
References: fate#320387

Any hardware that can potentially generate DMA has to be locked down from
userspace in order to avoid it being possible for an attacker to modify
kernel code. This should be prevented if securelevel has been set. Default
to paranoid - in future we can potentially relax this for sufficiently
IOMMU-isolated devices.

Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
Acked-by: Lee, Chun-Yi <jlee@suse.com>
---
 drivers/pci/pci-sysfs.c |    9 +++++++++
 drivers/pci/proc.c      |    9 ++++++++-
 drivers/pci/syscall.c   |    3 ++-
 3 files changed, 19 insertions(+), 2 deletions(-)

--- a/drivers/pci/pci-sysfs.c
+++ b/drivers/pci/pci-sysfs.c
@@ -713,6 +713,9 @@ static ssize_t pci_write_config(struct f
 	loff_t init_off = off;
 	u8 *data = (u8 *) buf;
 
+	if (get_securelevel() > 0)
+		return -EPERM;
+
 	if (off > dev->cfg_size)
 		return 0;
 	if (off + count > dev->cfg_size) {
@@ -1011,6 +1014,9 @@ static int pci_mmap_resource(struct kobj
 	resource_size_t start, end;
 	int i;
 
+	if (get_securelevel() > 0)
+		return -EPERM;
+
 	for (i = 0; i < PCI_ROM_RESOURCE; i++)
 		if (res == &pdev->resource[i])
 			break;
@@ -1112,6 +1118,9 @@ static ssize_t pci_write_resource_io(str
 				     struct bin_attribute *attr, char *buf,
 				     loff_t off, size_t count)
 {
+	if (get_securelevel() > 0)
+		return -EPERM;
+
 	return pci_resource_io(filp, kobj, attr, buf, off, count, true);
 }
 
--- a/drivers/pci/proc.c
+++ b/drivers/pci/proc.c
@@ -11,6 +11,7 @@
 #include <linux/proc_fs.h>
 #include <linux/seq_file.h>
 #include <linux/capability.h>
+#include <linux/security.h>
 #include <linux/uaccess.h>
 #include <asm/byteorder.h>
 #include "pci.h"
@@ -116,6 +117,9 @@ static ssize_t proc_bus_pci_write(struct
 	int size = dev->cfg_size;
 	int cnt;
 
+	if (get_securelevel() > 0)
+		return -EPERM;
+
 	if (pos >= size)
 		return 0;
 	if (nbytes >= size)
@@ -195,6 +199,9 @@ static long proc_bus_pci_ioctl(struct fi
 #endif /* HAVE_PCI_MMAP */
 	int ret = 0;
 
+	if (get_securelevel() > 0)
+		return -EPERM;
+
 	switch (cmd) {
 	case PCIIOC_CONTROLLER:
 		ret = pci_domain_nr(dev->bus);
@@ -233,7 +240,7 @@ static int proc_bus_pci_mmap(struct file
 	struct pci_filp_private *fpriv = file->private_data;
 	int i, ret;
 
-	if (!capable(CAP_SYS_RAWIO))
+	if (!capable(CAP_SYS_RAWIO) || (get_securelevel() > 0))
 		return -EPERM;
 
 	/* Make sure the caller is mapping a real resource for this device */
--- a/drivers/pci/syscall.c
+++ b/drivers/pci/syscall.c
@@ -10,6 +10,7 @@
 #include <linux/errno.h>
 #include <linux/pci.h>
 #include <linux/syscalls.h>
+#include <linux/security.h>
 #include <linux/uaccess.h>
 #include "pci.h"
 
@@ -92,7 +93,7 @@ SYSCALL_DEFINE5(pciconfig_write, unsigne
 	u32 dword;
 	int err = 0;
 
-	if (!capable(CAP_SYS_ADMIN))
+	if (!capable(CAP_SYS_ADMIN) || (get_securelevel() > 0))
 		return -EPERM;
 
 	dev = pci_get_bus_and_slot(bus, dfn);
Powered by Pagure 5.13.3
DocumentationAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.