coretempd: disable MSR fallback, use /scheme/sys/cpu exclusively
Kernel has a use-after-free bug in sys_read triggered by /scheme/sys/msr access. The probe guard prevents most crashes but the kernel bug can still trigger during MSR read paths. Removing the MSR fallback eliminates this crash path entirely. Vendor detection now uses /scheme/sys/cpu only.
@@ -633,3 +633,15 @@ path = "/etc/environment.d/90-dbus.conf"
data = """
DBUS_SYSTEM_BUS_ADDRESS=unix:path=/run/dbus/system_bus_socket
"""
[[files]]
path = "/home/user"
data = ""
directory = true
mode = 0o755
[[files]]
path = "/root"
data = ""
directory = true
mode = 0o700
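Review bot: the two new [[files]] entries for /home/user and /root are not mentioned in the commit message, which only covers coretempd's MSR fallback; they would be easier to review and revert as a separate commit. On the /home/user entry, mode = 0o755 lets every local account list and traverse the home directory while /root gets 0o700; consider 0o700 or 0o750 unless other accounts need to read it. No owner is visible in these lines, so it is also worth confirming that /home/user does not end up owned by root.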
@@ -63,14 +63,9 @@ fn detect_vendor(cpu: u32) -> Vendor {
return Vendor::Amd;
}
}
// Fall back to MSR probing if platform info unavailable
if read_msr(cpu, IA32_THERM_STATUS).is_some() {
Vendor::Intel
} else if read_msr(cpu, AMD_TCTL).is_some() {
Vendor::Amd
} else {
Vendor::Unknown
}
// MSR probing disabled: even with the probe guard, the kernel can UAF
// during sys_read on /scheme/sys/msr. Use /scheme/sys/cpu exclusively.
Vendor::Unknown
}
fn detect_cpus() -> Vec<u32> {
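Review bot: in detect_vendor, only the vendor-probe calls to read_msr(cpu, IA32_THERM_STATUS) and read_msr(cpu, AMD_TCTL) are removed, so the commit message's claim that the crash path is eliminated entirely holds only if no other code in coretempd still reads /scheme/sys/msr. Please confirm that any remaining read_msr callers are removed or gated as well, since the kernel use-after-free is described as reachable from any MSR read. The function now falls through to Vendor::Unknown silently when platform info is unavailable; a log line at that point would tell an operator why no temperatures are reported. The new comment would also be more useful with a reference to the kernel bug it works around, so the fallback can be reconsidered once sys_read is fixed.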