diff options
| author | Eric Paris <eparis@redhat.com> | 2009-08-13 09:44:57 -0400 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2009-08-13 21:18:37 -0400 |
| commit | 9188499cdb117d86a1ea6b04374095b098d56936 (patch) | |
| tree | 7c0dd23f2c98630c426cbd0bfbf5e46cc689091e /kernel | |
| parent | a8f80e8ff94ecba629542d9b4b5f5a8ee3eb565c (diff) | |
security: introducing security_request_module
Calling request_module() will trigger a userspace upcall which will load a
new module into the kernel. This can be a dangerous event if the process
able to trigger request_module() is able to control either the modprobe
binary or the module binary. This patch adds a new security hook to
request_module() which can be used by an LSM to control a processes ability
to call request_module().
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'kernel')
| -rw-r--r-- | kernel/kmod.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/kernel/kmod.c b/kernel/kmod.c index 385c31a1bdbf..5a7ae57f983f 100644 --- a/kernel/kmod.c +++ b/kernel/kmod.c | |||
| @@ -78,6 +78,10 @@ int __request_module(bool wait, const char *fmt, ...) | |||
| 78 | #define MAX_KMOD_CONCURRENT 50 /* Completely arbitrary value - KAO */ | 78 | #define MAX_KMOD_CONCURRENT 50 /* Completely arbitrary value - KAO */ |
| 79 | static int kmod_loop_msg; | 79 | static int kmod_loop_msg; |
| 80 | 80 | ||
| 81 | ret = security_kernel_module_request(); | ||
| 82 | if (ret) | ||
| 83 | return ret; | ||
| 84 | |||
| 81 | va_start(args, fmt); | 85 | va_start(args, fmt); |
| 82 | ret = vsnprintf(module_name, MODULE_NAME_LEN, fmt, args); | 86 | ret = vsnprintf(module_name, MODULE_NAME_LEN, fmt, args); |
| 83 | va_end(args); | 87 | va_end(args); |