Fix for CVE-2019-1999 not publicly available yet
/proc/iomem: only expose physical resource addresses to privileged users

commit 51d7b120418e99d6b3bf8df9eb3cc31e8171dee4 upstream.

In commit c4004b02f8e5b ("x86: remove the kernel code/data/bss resources
from /proc/iomem") I was hoping to remove the phyiscal kernel address
data from /proc/iomem entirely, but that had to be reverted because some
system programs actually use it.

This limits all the detailed resource information to properly
credentialed users instead.

Signed-off-by: Linus Torvalds <>
Signed-off-by: Mark Salyzyn <>
Signed-off-by: Greg Kroah-Hartman <>
1 file changed