(Forgot Cc'ing Eric Paris, adding.) > Eric pointed out that kexec_load() actually allows you to > run any code you want in ring0, this is more like CAP_SYS_MODULE. > > Reported-by: Eric Paris<eparis at redhat.com> > Signed-off-by: WANG Cong<amwang at redhat.com> > > --- > diff --git a/kernel/kexec.c b/kernel/kexec.c > index b55045b..c30d613 100644 > --- a/kernel/kexec.c > +++ b/kernel/kexec.c > @@ -945,7 +945,7 @@ SYSCALL_DEFINE4(kexec_load, unsigned long, entry, unsigned long, nr_segments, > int result; > > /* We only trust the superuser with rebooting the system. */ > - if (!capable(CAP_SYS_BOOT)) > + if (!capable(CAP_SYS_BOOT) || !capable(CAP_SYS_MODULE)) > return -EPERM; > > /*
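Review bot: the comment directly above the changed check, `/* We only trust the superuser with rebooting the system. */`, is now stale, because the condition `!capable(CAP_SYS_BOOT) || !capable(CAP_SYS_MODULE)` also demands CAP_SYS_MODULE for the reason the commit message gives (kexec_load() lets the caller run arbitrary ring-0 code); update the comment to state that both capabilities are required and why. The commit message should also spell out the user-visible effect of requiring both rather than either: a caller that holds CAP_SYS_BOOT but not CAP_SYS_MODULE now receives -EPERM from kexec_load() where it previously succeeded, which is an ABI change for kexec tooling run with a reduced capability set.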