From: Josh Boyer <jwboyer@redhat.com>
Date: Wed, 5 Apr 2017 16:40:31 +0000 (+0100)
Subject: acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
X-Git-Tag: archive/raspbian/4.15.4-1+rpi1~1^2^2^2~43
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=2bf3bd4000321d529ebd665a2a2f6b09072b9b23;p=linux.git

acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down

This option allows userspace to pass the RSDP address to the kernel, which
makes it possible for a user to circumvent any restrictions imposed on
loading modules.  Ignore the option when the kernel is locked down.

Signed-off-by: Josh Boyer <jwboyer@redhat.com>
Signed-off-by: David Howells <dhowells@redhat.com>

Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name 0054-acpi-Ignore-acpi_rsdp-kernel-param-when-the-kernel-h.patch
---

diff --git a/drivers/acpi/osl.c b/drivers/acpi/osl.c
index db78d353bab..d4d4ba34845 100644
--- a/drivers/acpi/osl.c
+++ b/drivers/acpi/osl.c
@@ -192,7 +192,7 @@ acpi_physical_address __init acpi_os_get_root_pointer(void)
 	acpi_physical_address pa = 0;
 
 #ifdef CONFIG_KEXEC
-	if (acpi_rsdp)
+	if (acpi_rsdp && !kernel_is_locked_down())
 		return acpi_rsdp;
 #endif