From patchwork Tue Nov 5 20:35:05 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1189920 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4771d46LZLz9sPf; Wed, 6 Nov 2019 07:35:20 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1iS5Xo-0003by-HZ; Tue, 05 Nov 2019 20:35:16 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1iS5Xl-0003aa-Ms for kernel-team@lists.ubuntu.com; Tue, 05 Nov 2019 20:35:13 +0000 Received: from mail-yw1-f69.google.com ([209.85.161.69]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1iS5Xl-0002FH-F4 for kernel-team@lists.ubuntu.com; Tue, 05 Nov 2019 20:35:13 +0000 Received: by mail-yw1-f69.google.com with SMTP id u202so17368566ywe.20 for ; Tue, 05 Nov 2019 12:35:13 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=Ww1n/uqZJkgBo4+9peHwE+7yQtBnB22r5t4JaHgHkrU=; b=FxQLQ7G8fB2D1ra2V+DGWC6APkbKIRpcQBoAuMxtq3GydoXr3x3PzssqxIOpOVhVPI 8VudqoY1NPEiUBD3Zat8ZHWEU8vPREN7WnBmuMwi3XGYsCxYUxjoLl72AVug92upNltZ Ec4wXM6dMqQ3QqPTN9BmFkJfZElsLyzjcKWvBHXxMIXTL/GD8ZeMqOZGTsFvsJucwx5G rDYm0sX3+t9MRRoJoDU4SdzqmWWQaBvTTPvIFFhkyGkuhjHLtxMhETwoOcaSs28+sll8 jJxQkrNqwupbw0e4052eX2fbH859uLXy04P9LP8mMkH3uyYE434yrd3YvYDlZeZ9lEV5 5ULA== X-Gm-Message-State: APjAAAXzP1qbFrufl2RuSUQH2QKrq5O6uY80pmncbiyxSMuHlep4ZIhq o4NATFh8TNXAMpduwXzN4kLeb+YfDeWlIP0T/P6fIKceg9ZUNpr3BMhBQBsmQD6VIQzQL8DfVpl 8TJRKv0a/CV2D0vUmLIb/MSFKAVtz0naiDfs1QLyuqg== X-Received: by 2002:a25:e04f:: with SMTP id x76mr13021186ybg.114.1572986112247; Tue, 05 Nov 2019 12:35:12 -0800 (PST) X-Google-Smtp-Source: APXvYqwJbDVBnSWHUyHcUK1bVioNGZ/fQ/N38vW99xJg6l0BHrEgCvPIG1n6+9ahUfUyiGWk6bqZcQ== X-Received: by 2002:a25:e04f:: with SMTP id x76mr13021172ybg.114.1572986111850; Tue, 05 Nov 2019 12:35:11 -0800 (PST) Received: from localhost ([2605:a601:ac3:9720:c5fa:bd86:e49d:5adc]) by smtp.gmail.com with ESMTPSA id z139sm13299605ywz.32.2019.11.05.12.35.11 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 05 Nov 2019 12:35:11 -0800 (PST) From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH 2/2][SRU][E] UBUNTU: SAUCE: (efi-lockdown) Really don't allow lifting lockdown from userspace Date: Tue, 5 Nov 2019 14:35:05 -0600 Message-Id: <20191105203505.28634-3-seth.forshee@canonical.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20191105203505.28634-1-seth.forshee@canonical.com> References: <20191105203505.28634-1-seth.forshee@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" BugLink: https://bugs.launchpad.net/bugs/1851380 "UBUNTU: SAUCE: (efi-lockdown) Add a SysRq option to lift kernel lockdown" adds a sysrq key to lift kernel lockdown, which is meant to only allow a physically present user to lift lockdown using a keyboard. However, the code has a bug which also allows root to lift lockdown through /proc/sysrq-trigger. Fix this bug to make this work as intended. Signed-off-by: Seth Forshee Acked-by: Tyler Hicks --- drivers/tty/sysrq.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/drivers/tty/sysrq.c b/drivers/tty/sysrq.c index 7cc95a8bdf8d..99082faafc44 100644 --- a/drivers/tty/sysrq.c +++ b/drivers/tty/sysrq.c @@ -549,13 +549,13 @@ void __handle_sysrq(int key, unsigned int from) if (op_p) { /* Ban synthetic events from some sysrq functionality */ if ((from == SYSRQ_FROM_PROC || from == SYSRQ_FROM_SYNTHETIC) && - op_p->enable_mask & SYSRQ_DISABLE_USERSPACE) + op_p->enable_mask & SYSRQ_DISABLE_USERSPACE) { printk("This sysrq operation is disabled from userspace.\n"); - /* - * Should we check for enabled operations (/proc/sysrq-trigger - * should not) and is the invoked operation enabled? - */ - if (from == SYSRQ_FROM_KERNEL || sysrq_on_mask(op_p->enable_mask)) { + } else if (from == SYSRQ_FROM_KERNEL || sysrq_on_mask(op_p->enable_mask)) { + /* + * Should we check for enabled operations (/proc/sysrq-trigger + * should not) and is the invoked operation enabled? + */ pr_info("%s\n", op_p->action_msg); console_loglevel = orig_log_level; op_p->handler(key);