summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSeth Forshee <seth.forshee@canonical.com>2019-11-05 14:35:04 -0600
committerStefan Bader <stefan.bader@canonical.com>2019-11-12 19:04:39 +0100
commit1c59aeeaa09d42c7718bfdd2e1f7612987dae561 (patch)
tree1b859be144dff298962fd205f9f7802627f09446
parent73796cba5898d2d1106866239d1bbf72beca9cab (diff)
UBUNTU: SAUCE: (efi-lockdown) Really don't allow lifting lockdown from userspace
BugLink: https://bugs.launchpad.net/bugs/1851380 "UBUNTU: SAUCE: (efi-lockdown) Add a SysRq option to lift kernel lockdown" adds a sysrq key to lift kernel lockdown, which is meant to only allow a physically present user to lift lockdown using a keyboard. However, the code has a bug which also allows root to lift lockdown through /proc/sysrq-trigger. Fix this bug to make this work as intended. Signed-off-by: Seth Forshee <seth.forshee@canonical.com> Acked-by: Connor Kuehl <connor.kuehl@canonical.com> Acked-by: Tyler Hicks <tyhicks@canonical.com> Signed-off-by: Khalid Elmously <khalid.elmously@canonical.com>
-rw-r--r--drivers/tty/sysrq.c12
1 files changed, 6 insertions, 6 deletions
diff --git a/drivers/tty/sysrq.c b/drivers/tty/sysrq.c
index 7c06541..f720039 100644
--- a/drivers/tty/sysrq.c
+++ b/drivers/tty/sysrq.c
@@ -553,13 +553,13 @@ void __handle_sysrq(int key, unsigned int from)
if (op_p) {
/* Ban synthetic events from some sysrq functionality */
if ((from == SYSRQ_FROM_PROC || from == SYSRQ_FROM_SYNTHETIC) &&
- op_p->enable_mask & SYSRQ_DISABLE_USERSPACE)
+ op_p->enable_mask & SYSRQ_DISABLE_USERSPACE) {
printk("This sysrq operation is disabled from userspace.\n");
- /*
- * Should we check for enabled operations (/proc/sysrq-trigger
- * should not) and is the invoked operation enabled?
- */
- if (from == SYSRQ_FROM_KERNEL || sysrq_on_mask(op_p->enable_mask)) {
+ } else if (from == SYSRQ_FROM_KERNEL || sysrq_on_mask(op_p->enable_mask)) {
+ /*
+ * Should we check for enabled operations (/proc/sysrq-trigger
+ * should not) and is the invoked operation enabled?
+ */
pr_cont("%s\n", op_p->action_msg);
console_loglevel = orig_log_level;
op_p->handler(key);