x86/msr: Restrict MSR access when the kernel is locked down (95f5e95f) · Commits · Mirrors / github.com / raspberrypi_linux

Commit 95f5e95f authored Aug 19, 2019 by

Matthew Garrett Committed by James Morris Aug 19, 2019

x86/msr: Restrict MSR access when the kernel is locked down



Writing to MSRs should not be allowed if the kernel is locked down, since
it could lead to execution of arbitrary code in kernel mode.  Based on a
patch by Kees Cook.

Signed-off-by: Matthew Garrett <mjg59@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
cc: x86@kernel.org
Signed-off-by: James Morris <jmorris@namei.org>

parent 96c4f672

Hide whitespace changes

Inline Side-by-side

Please register or to comment