]> xenbits.xensource.com Git - people/aperard/linux-chromebook.git/commit
projects / people / aperard / linux-chromebook.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d4e1803) | patch
CHROMIUM: msr: whitelist the i915 thermal control for wrmsr
authorKees Cook <keescook@chromium.org>
Fri, 8 Feb 2013 01:01:21 +0000 (17:01 -0800)
committerChromeBot <chrome-bot@google.com>
Fri, 8 Feb 2013 06:06:12 +0000 (22:06 -0800)
commit3b16706f52c471365ed9a391c4803fd7cfcb0c0d
treeada465d67ccd5438b96ef02f5a5675b4d42ec6a1tree
parentd4e180354493bb09423798e8833b76334b6cc215commit | diff
CHROMIUM: msr: whitelist the i915 thermal control for wrmsr

Deny all userspace MSR writes except those explicitly whitelisted for
i915 thermal controls. Without this, processes with CAP_SYS_RAWIO can
run arbitrary kernel code via MSR writing.

BUG=chromium-os:38756
TEST=link build, wrmsr works only on i915 thermal registers

Change-Id: Iff5b9a466dbddd5d94e9246ff99b63a21c975406
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/42910
Reviewed-by: Mandeep Singh Baines <msb@chromium.org>
arch/x86/kernel/msr.c diff | blob | blame | history