[PATCH v3 2/3] kexec: Factor out kexec_load_permitted

Linux Documentation
 help / color / mirror / Atom feed

From: Ricardo Ribalda <ribalda@chromium.org>
To: Philipp Rudo <prudo@redhat.com>,
	Eric Biederman <ebiederm@xmission.com>,
	Jonathan Corbet <corbet@lwn.net>,
	"Guilherme G. Piccoli" <gpiccoli@igalia.com>
Cc: linux-doc@vger.kernel.org,
	Sergey Senozhatsky <senozhatsky@chromium.org>,
	Steven Rostedt <rostedt@goodmis.org>,
	linux-kernel@vger.kernel.org,
	"Joel Fernandes (Google)" <joel@joelfernandes.org>,
	Ricardo Ribalda <ribalda@chromium.org>,
	Ross Zwisler <zwisler@kernel.org>,
	kexec@lists.infradead.org
Subject: [PATCH v3 2/3] kexec: Factor out kexec_load_permitted
Date: Tue, 20 Dec 2022 23:05:44 +0100	[thread overview]
Message-ID: <20221114-disable-kexec-reset-v3-2-4ef4e929adf6@chromium.org> (raw)
In-Reply-To: <20221114-disable-kexec-reset-v3-0-4ef4e929adf6@chromium.org>

Both syscalls (kexec and kexec_file) do the same check, lets factor it
out.

Signed-off-by: Ricardo Ribalda <ribalda@chromium.org>
---
 include/linux/kexec.h |  3 ++-
 kernel/kexec.c        |  2 +-
 kernel/kexec_core.c   | 11 ++++++++++-
 kernel/kexec_file.c   |  2 +-
 4 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/include/linux/kexec.h b/include/linux/kexec.h
index 41a686996aaa..182e0c11b87b 100644
--- a/include/linux/kexec.h
+++ b/include/linux/kexec.h
@@ -406,7 +406,8 @@ extern int kimage_crash_copy_vmcoreinfo(struct kimage *image);
 
 extern struct kimage *kexec_image;
 extern struct kimage *kexec_crash_image;
-extern int kexec_load_disabled;
+
+bool kexec_load_permitted(void);
 
 #ifndef kexec_flush_icache_page
 #define kexec_flush_icache_page(page)
diff --git a/kernel/kexec.c b/kernel/kexec.c
index cb8e6e6f983c..ce1bca874a8d 100644
--- a/kernel/kexec.c
+++ b/kernel/kexec.c
@@ -193,7 +193,7 @@ static inline int kexec_load_check(unsigned long nr_segments,
 	int result;
 
 	/* We only trust the superuser with rebooting the system. */
-	if (!capable(CAP_SYS_BOOT) || kexec_load_disabled)
+	if (!kexec_load_permitted())
 		return -EPERM;
 
 	/* Permit LSMs and IMA to fail the kexec */
diff --git a/kernel/kexec_core.c b/kernel/kexec_core.c
index ca2743f9c634..a1efc70f4158 100644
--- a/kernel/kexec_core.c
+++ b/kernel/kexec_core.c
@@ -928,7 +928,7 @@ int kimage_load_segment(struct kimage *image,
 
 struct kimage *kexec_image;
 struct kimage *kexec_crash_image;
-int kexec_load_disabled;
+static int kexec_load_disabled;
 #ifdef CONFIG_SYSCTL
 static struct ctl_table kexec_core_sysctls[] = {
 	{
@@ -952,6 +952,15 @@ static int __init kexec_core_sysctl_init(void)
 late_initcall(kexec_core_sysctl_init);
 #endif
 
+bool kexec_load_permitted(void)
+{
+	/*
+	 * Only the superuser can use the kexec syscall and if it has not
+	 * been disabled.
+	 */
+	return capable(CAP_SYS_BOOT) && !kexec_load_disabled;
+}
+
 /*
  * No panic_cpu check version of crash_kexec().  This function is called
  * only when panic_cpu holds the current CPU number; this is the only CPU
diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c
index 45637511e0de..29efa43ea951 100644
--- a/kernel/kexec_file.c
+++ b/kernel/kexec_file.c
@@ -330,7 +330,7 @@ SYSCALL_DEFINE5(kexec_file_load, int, kernel_fd, int, initrd_fd,
 	struct kimage **dest_image, *image;
 
 	/* We only trust the superuser with rebooting the system. */
-	if (!capable(CAP_SYS_BOOT) || kexec_load_disabled)
+	if (!kexec_load_permitted())
 		return -EPERM;
 
 	/* Make sure we have a legal set of flags */

-- 
2.39.0.314.g84b9a713c41-goog-b4-0.11.0-dev-696ae

next prev parent reply	other threads:[~2022-12-20 22:06 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-12-20 22:05 [PATCH v3 0/3] kexec: Add new parameter to limit the access to kexec Ricardo Ribalda
2022-12-20 22:05 ` [PATCH v3 1/3] Documentation: sysctl: Correct kexec_load_disabled Ricardo Ribalda
2022-12-20 22:05 ` Ricardo Ribalda [this message]
2022-12-20 22:05 ` [PATCH v3 3/3] kexec: Introduce parameters load_limit_reboot and load_limit_panic Ricardo Ribalda
2022-12-21  0:22   ` Steven Rostedt
2022-12-21  1:22     ` Ricardo Ribalda
2022-12-21  2:52       ` Steven Rostedt

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:41a686996aa dfblob:182e0c11b87 dfblob:cb8e6e6f983
dfblob:ce1bca874a8 dfblob:ca2743f9c63 dfblob:a1efc70f415
dfblob:45637511e0d dfblob:29efa43ea95 )
 OR (
bs:"[PATCH v3 2/3] kexec: Factor out kexec_load_permitted" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20221114-disable-kexec-reset-v3-2-4ef4e929adf6@chromium.org \
    --to=ribalda@chromium.org \
    --cc=corbet@lwn.net \
    --cc=ebiederm@xmission.com \
    --cc=gpiccoli@igalia.com \
    --cc=joel@joelfernandes.org \
    --cc=kexec@lists.infradead.org \
    --cc=linux-doc@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=prudo@redhat.com \
    --cc=rostedt@goodmis.org \
    --cc=senozhatsky@chromium.org \
    --cc=zwisler@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox