summaryrefslogtreecommitdiffstats
path: root/kernel/kmod.c
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2009-08-13 15:44:57 +0200
committerJames Morris <jmorris@namei.org>2009-08-14 03:18:37 +0200
commit9188499cdb117d86a1ea6b04374095b098d56936 (patch)
tree7c0dd23f2c98630c426cbd0bfbf5e46cc689091e /kernel/kmod.c
parentNetworking: use CAP_NET_ADMIN when deciding to call request_module (diff)
downloadlinux-9188499cdb117d86a1ea6b04374095b098d56936.tar.xz
linux-9188499cdb117d86a1ea6b04374095b098d56936.zip
security: introducing security_request_module
Calling request_module() will trigger a userspace upcall which will load a new module into the kernel. This can be a dangerous event if the process able to trigger request_module() is able to control either the modprobe binary or the module binary. This patch adds a new security hook to request_module() which can be used by an LSM to control a processes ability to call request_module(). Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'kernel/kmod.c')
-rw-r--r--kernel/kmod.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/kernel/kmod.c b/kernel/kmod.c
index 385c31a1bdbf..5a7ae57f983f 100644
--- a/kernel/kmod.c
+++ b/kernel/kmod.c
@@ -78,6 +78,10 @@ int __request_module(bool wait, const char *fmt, ...)
#define MAX_KMOD_CONCURRENT 50 /* Completely arbitrary value - KAO */
static int kmod_loop_msg;
+ ret = security_kernel_module_request();
+ if (ret)
+ return ret;
+
va_start(args, fmt);
ret = vsnprintf(module_name, MODULE_NAME_LEN, fmt, args);
va_end(args);