Re: [PATCH] x86: Lock down MSR writing in secure boot
From: Matthew Garrett
Date: Fri Feb 08 2013 - 14:27:27 EST
On Fri, 2013-02-08 at 11:21 -0800, Kees Cook wrote:
> On Fri, Feb 8, 2013 at 11:17 AM, Matthew Garrett
> <matthew.garrett@xxxxxxxxxx> wrote:
> > On Fri, 2013-02-08 at 11:12 -0800, Kees Cook wrote:
> >> Writing to MSRs should not be allowed unless CAP_COMPROMISE_KERNEL is
> >> set since it could lead to execution of arbitrary code in kernel mode.
> >
> > Willing to buy this, but do you have a description of one potential
> > approach? We should probably also figure out what's writing to MSRs at
> > the moment (anything other than energy_perf_bias?) and decide what the
> > best thing to do there is.
>
> Yes, change the SYSENTER entry point to where-ever you like. There are
> examples already written:
> http://grsecurity.net/~spender/msr32.c
Cool. Yup, this sounds like a good plan.
¢éì®&Þ~º&¶¬+-±éÝ¥w®Ë±Êâmébìdz¹Þ)í
æèw*jg¬±¨¶Ýj/êäz¹Þà2Þ¨èÚ&¢)ß«a¶Úþø®G«éh®æj:+v¨wèÙ>W±êÞiÛaxPjØm¶ÿÃ-»+ùd_