]> xenbits.xensource.com Git - people/aperard/linux-chromebook.git/commit
projects / people / aperard / linux-chromebook.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fbc4caa) | patch
CHERRY-PICK: CHROMIUM: msr: whitelist the i915 thermal control for wrmsr
authorKees Cook <keescook@chromium.org>
Fri, 8 Feb 2013 01:01:21 +0000 (17:01 -0800)
committerKees Cook <keescook@chromium.org>
Thu, 21 Feb 2013 00:24:01 +0000 (16:24 -0800)
commit707220d357ec1ca1c94e51a0f49ccfe5f44596b6
treefe89af33a6d10b9b2cc085142dc34cb4c5284f3etree
parentfbc4caa397462b4dca4397ff3fa08eeaccbc4367commit | diff
CHERRY-PICK: CHROMIUM: msr: whitelist the i915 thermal control for wrmsr

Deny all userspace MSR writes except those explicitly whitelisted for
i915 thermal controls. Without this, processes with CAP_SYS_RAWIO can
run arbitrary kernel code via MSR writing.

BUG=chromium-os:38756
TEST=link build, wrmsr works only on i915 thermal registers

Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/42910
Reviewed-by: Mandeep Singh Baines <msb@chromium.org>
Change-Id: Iaba154c76d48414633a4df8d07fe94b2a5e81a90
(cherry picked from ToT commit 3b16706f52c471365ed9a391c4803fd7cfcb0c0d)
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/43573
Reviewed-by: Sameer Nanda <snanda@chromium.org>
Reviewed-by: Mandeep Singh Baines <msb@chromium.org>
arch/x86/kernel/msr.c diff | blob | blame | history