Message-ID: <4D257CE5.1030001@redhat.com>
Date: Thu, 06 Jan 2011 16:27:17 +0800
From: Cong Wang
To: Amerigo Wang
CC: linux-kernel@vger.kernel.org, Eric Biederman, kexec@lists.infradead.org, Eric Paris
Subject: Re: [Patch] kexec_load: check CAP_SYS_MODULE
References: <1294302325-22593-1-git-send-email-amwang@redhat.com>
In-Reply-To: <1294302325-22593-1-git-send-email-amwang@redhat.com>

(Forgot Cc'ing Eric Paris, adding.)

> Eric pointed out that kexec_load() actually allows you to
> run any code you want in ring0, this is more like CAP_SYS_MODULE.
>
> Reported-by: Eric Paris
> Signed-off-by: WANG Cong
>
> ---
> diff --git a/kernel/kexec.c b/kernel/kexec.c > index b55045b..c30d613 100644 > --- a/kernel/kexec.c > +++ b/kernel/kexec.c
> @@ -945,7 +945,7 @@ SYSCALL_DEFINE4(kexec_load, unsigned long, entry, unsigned long, nr_segments, > int result; > > /* We only trust the superuser with rebooting the system. */ > - if (!capable(CAP_SYS_BOOT)) > + if (!capable(CAP_SYS_BOOT) || !capable(CAP_SYS_MODULE)) > return -EPERM; > > /*
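Review bot: The comment kept as context directly above the changed test, "We only trust the superuser with rebooting the system.", no longer matches the check once CAP_SYS_MODULE is required as well; it should be updated to give the reason stated in the commit message (kexec_load() lets the caller run any code in ring0, so it is treated like module loading). Because the new condition `!capable(CAP_SYS_BOOT) || !capable(CAP_SYS_MODULE)` demands both capabilities, a caller that holds only CAP_SYS_BOOT and passed the old check will now get -EPERM; the commit message should state that behaviour change explicitly so that anyone running kexec tooling with a reduced capability set knows to grant CAP_SYS_MODULE too.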