[PATCH 23/30] x86/mmiotrace: Lock down the testmmiotrace module

[PATCH 00/30] security, efi: Add kernel lockdown · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 01/30] Add the ability to lock down access to the running kernel image · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 02/30] Add a SysRq option to lift kernel lockdown · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 03/30] ima: require secure_boot rules in lockdown mode · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 04/30] Enforce module signatures if the kernel is locked down · David Howells <dhowells@redhat.com> · 2017-11-09
Re: [PATCH 04/30] Enforce module signatures if the kernel is locked down · David Howells <dhowells@redhat.com> · 2018-02-22
Re: [PATCH 04/30] Enforce module signatures if the kernel is locked down · Jiri Bohac <hidden> · 2018-02-22
[PATCH 05/30] Restrict /dev/{mem, kmem, port} when the kernel is locked down · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 06/30] kexec: Disable at runtime if the kernel is locked down · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 07/30] Copy secure_boot flag in boot params across kexec reboot · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 08/30] kexec_file: Restrict at runtime if the kernel is locked down · David Howells <dhowells@redhat.com> · 2017-11-09
Re: [PATCH 08/30] kexec_file: Restrict at runtime if the kernel is locked down · Jiri Bohac <hidden> · 2018-01-11
[PATCH 08a/30] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE · Jiri Bohac <hidden> · 2018-01-11
Re: [PATCH 08a/30] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE · David Howells <dhowells@redhat.com> · 2018-01-16
Re: [PATCH 08a/30] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE · Jiri Bohac <hidden> · 2018-01-16
Re: [PATCH 08a/30] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE · David Howells <dhowells@redhat.com> · 2018-01-17
Re: [PATCH 08a/30] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE · Jiri Bohac <hidden> · 2018-01-19
Re: [PATCH 08a/30] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE · David Howells <dhowells@redhat.com> · 2018-02-21
[PATCH 08b/30] kexec_file: Restrict at runtime if the kernel is locked down · Jiri Bohac <hidden> · 2018-01-11
Re: [PATCH 08/30] kexec_file: Restrict at runtime if the kernel is locked down · David Howells <dhowells@redhat.com> · 2018-01-11
Re: [PATCH 08/30] kexec_file: Restrict at runtime if the kernel is locked down · David Howells <dhowells@redhat.com> · 2018-01-11
Re: [PATCH 08/30] kexec_file: Restrict at runtime if the kernel is locked down · Jiri Bohac <hidden> · 2018-01-11
Re: [PATCH 08/30] kexec_file: Restrict at runtime if the kernel is locked down · David Howells <dhowells@redhat.com> · 2018-01-17
Re: [PATCH 08/30] kexec_file: Restrict at runtime if the kernel is locked down · David Howells <dhowells@redhat.com> · 2018-02-22
Re: [PATCH 08/30] kexec_file: Restrict at runtime if the kernel is locked down · David Howells <dhowells@redhat.com> · 2018-02-22
Re: [PATCH 08/30] kexec_file: Restrict at runtime if the kernel is locked down · Jiri Bohac <hidden> · 2018-02-22
Re: [PATCH 08/30] kexec_file: Restrict at runtime if the kernel is locked down · Jiri Bohac <hidden> · 2018-02-22
[PATCH 09/30] hibernate: Disable when the kernel is locked down · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 10/30] uswsusp: Disable when the kernel is locked down · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 11/30] PCI: Lock down BAR access when the kernel is locked down · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 12/30] x86: Lock down IO port access when the kernel is locked down · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 13/30] x86/msr: Restrict MSR access when the kernel is locked down · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 14/30] asus-wmi: Restrict debugfs interface when the kernel is locked down · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 15/30] ACPI: Limit access to custom_method when the kernel is locked down · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 16/30] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 17/30] acpi: Disable ACPI table override if the kernel is locked down · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 18/30] acpi: Disable APEI error injection if the kernel is locked down · David Howells <dhowells@redhat.com> · 2017-11-09
Re: [PATCH 18/30] acpi: Disable APEI error injection if the kernel is locked down · Joey Lee <JLee@suse.com> · 2019-11-07
Re: [PATCH 18/30] acpi: Disable APEI error injection if the kernel is locked down · joeyli <jlee@suse.com> · 2022-05-28
[PATCH 19/30] scsi: Lock down the eata driver · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 20/30] Prohibit PCMCIA CIS storage when the kernel is locked down · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 21/30] Lock down TIOCSSERIAL · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 22/30] Lock down module params that specify hardware parameters (eg. ioport) · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 23/30] x86/mmiotrace: Lock down the testmmiotrace module · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 24/30] debugfs: Disallow use of debugfs files when the kernel is locked down · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 25/30] Lock down /proc/kcore · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 26/30] Lock down ftrace · David Howells <dhowells@redhat.com> · 2017-11-09
Re: [PATCH 26/30] Lock down ftrace · Jiri Kosina <jikos@kernel.org> · 2017-11-10
Re: [PATCH 26/30] Lock down ftrace · David Howells <dhowells@redhat.com> · 2017-11-10
Re: [PATCH 26/30] Lock down ftrace · Jiri Kosina <jikos@kernel.org> · 2017-11-10
Re: [PATCH 26/30] Lock down ftrace · David Howells <dhowells@redhat.com> · 2017-11-10
Re: [PATCH 26/30] Lock down ftrace · Jiri Kosina <jikos@kernel.org> · 2017-11-10
Re: [PATCH 26/30] Lock down ftrace · David Howells <dhowells@redhat.com> · 2017-11-10
[PATCH 27/30] Lock down kprobes · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 28/30] bpf: Restrict kernel image access functions when the kernel is locked down · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 29/30] efi: Add an EFI_SECURE_BOOT flag to indicate secure boot mode · David Howells <dhowells@redhat.com> · 2017-11-09
[PATCH 30/30] efi: Lock down the kernel if booted in secure boot mode · David Howells <dhowells@redhat.com> · 2017-11-09
Re: [PATCH 00/30] security, efi: Add kernel lockdown · Andrew Morton <akpm@linux-foundation.org> · 2018-03-03

STALE1464d

Revisions (2)

2017-10-19 v1 [diff vs current]
2017-11-09 v1 current

From: dhowells@redhat.com (David Howells)
Date: 2017-11-09 17:33:39
Also in: linux-efi, lkml
Subsystem: the rest, tracing mmio accesses (mmiotrace), x86 architecture (32-bit and 64-bit), x86 mm · Maintainers: Linus Torvalds, Steven Rostedt, Masami Hiramatsu, Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, Andy Lutomirski, Peter Zijlstra

The testmmiotrace module shouldn't be permitted when the kernel is locked
down as it can be used to arbitrarily read and write MMIO space.

Suggested-by: Thomas Gleixner <redacted>
Signed-off-by: David Howells <dhowells at redhat.com
cc: Thomas Gleixner <redacted>
cc: Steven Rostedt <rostedt@goodmis.org>
cc: Ingo Molnar <mingo@kernel.org>
cc: "H. Peter Anvin" <hpa@zytor.com>
cc: x86 at kernel.org
---

 arch/x86/mm/testmmiotrace.c |    3 +++
 1 file changed, 3 insertions(+)

diff --git a/arch/x86/mm/testmmiotrace.c b/arch/x86/mm/testmmiotrace.c
index f6ae6830b341..bbaad357f5d7 100644
--- a/arch/x86/mm/testmmiotrace.c
+++ b/arch/x86/mm/testmmiotrace.c

@@ -115,6 +115,9 @@ static int __init init(void)
 {
 	unsigned long size = (read_far) ? (8 << 20) : (16 << 10);
 
+	if (kernel_is_locked_down("MMIO trace testing"))
+		return -EPERM;
+
 	if (mmio_address == 0) {
 		pr_err("you have to use the module argument mmio_address.\n");
 		pr_err("DO NOT LOAD THIS MODULE UNLESS YOU REALLY KNOW WHAT YOU ARE DOING!\n");

--

To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info@ http://vger.kernel.org/majordomo-info.html

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help