Fix for CVE-2019-1999 not publicly available yet
/proc/iomem: only expose physical resource addresses to privileged users
commit 51d7b120418e99d6b3bf8df9eb3cc31e8171dee4 upstream.
In commit c4004b02f8e5b ("x86: remove the kernel code/data/bss resources
from /proc/iomem") I was hoping to remove the phyiscal kernel address
data from /proc/iomem entirely, but that had to be reverted because some
system programs actually use it.
This limits all the detailed resource information to properly
credentialed users instead.
Signed-off-by: Linus Torvalds <email@example.com>
Signed-off-by: Mark Salyzyn <firstname.lastname@example.org>
Signed-off-by: Greg Kroah-Hartman <email@example.com>
1 file changed