mirror of
https://github.com/Fishwaldo/Star64_linux.git
synced 2025-06-30 10:49:28 +00:00
x86/msr: Restrict MSR access when the kernel is locked down
Writing to MSRs should not be allowed if the kernel is locked down, since it could lead to execution of arbitrary code in kernel mode. Based on a patch by Kees Cook. Signed-off-by: Matthew Garrett <mjg59@google.com> Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Kees Cook <keescook@chromium.org> Reviewed-by: Thomas Gleixner <tglx@linutronix.de> cc: x86@kernel.org Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
Matthew Garrett
James Morris
parent
96c4f67293
commit
95f5e95f41
3 changed files with 10 additions and 0 deletions
|
|
@ -109,6 +109,7 @@ enum lockdown_reason {
|
|||
LOCKDOWN_HIBERNATION,
|
||||
LOCKDOWN_PCI_ACCESS,
|
||||
LOCKDOWN_IOPORT,
|
||||
LOCKDOWN_MSR,
|
||||
LOCKDOWN_INTEGRITY_MAX,
|
||||
LOCKDOWN_CONFIDENTIALITY_MAX,
|
||||
};
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue