Linux Patches Look To Restrict Modules From Poking Certain Registers, Using Select Instructions

Last year the Linux kernel began tightening up the ability to write to select CPU MSRs from user-space. That restricting of user-space access to select registers was done in the name of security as well as not wanting user-space to accidentally or maliciously poke some MSRs that could cause problems with kernel behavior. Now in kernel space there are some yet-to-be-merged patches that would place some new restrictions on kernel modules around poking certain registers or using select CPU instructions.

Originally written last April and now queued as part of his own branch, longtime kernel developer Peter Zijlstra has patches placing new restrictions on kernel modules.

One change is to disallow some CPL0 instructions. What started out with the desire to disallow modules from poking the global descriptor table (GDT) or returning to user-space, further precautions are error out if a module tries to alter the register state or messing with the FS/GS base.

An additional patch is detecting CRn and DRn manipulation. That work is to disallow kernel modules writing to control CRN / XCRn and debug DRn registers. Using the proper accessors is desired rather than poking those control/debug registers directly.

For now these patches are part of Zijlstra's x86/module code but we'll see if they go mainline soon enough in trying to enforce clean kernel module behavior.