x86: Restrict MSR access when the kernel is locked down

Writing to MSRs should not be allowed if the kernel is locked down, since
it could lead to execution of arbitrary code in kernel mode.  Based on a
patch by Kees Cook.

Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name 0051-x86-Restrict-MSR-access-when-the-kernel-is-locked-do.patch

diff --git a/arch/x86/kernel/msr.c b/arch/x86/kernel/msr.c
index ef688804f80d33088fef15448996a97f69e2b193..fbcce028e502f37b3e1c50818ad74f87b38e3c62 100644 (file)
--- a/arch/x86/kernel/msr.c
+++ b/arch/x86/kernel/msr.c
@@ -84,6 +84,9 @@ static ssize_t msr_write(struct file *file, const char __user *buf,
        int err = 0;
        ssize_t bytes = 0;
 
+       if (kernel_is_locked_down())
+               return -EPERM;
+
        if (count % 8)
                return -EINVAL; /* Invalid chunk size */
 
@@ -131,6 +134,10 @@ static long msr_ioctl(struct file *file, unsigned int ioc, unsigned long arg)
                        err = -EBADF;
                        break;
                }
+               if (kernel_is_locked_down()) {
+                       err = -EPERM;
+                       break;
+               }
                if (copy_from_user(&regs, uregs, sizeof regs)) {
                        err = -EFAULT;
                        break;