lockdown: Lock down /proc/kcore
author David Howells <dhowells@redhat.com>
Tue, 20 Aug 2019 00:17:57 +0000 (17:17 -0700)
committer James Morris <jmorris@namei.org>
Tue, 20 Aug 2019 04:54:16 +0000 (21:54 -0700)
commit 02e935bf5b34edcc4cb0dc532dd0e1a1bfb33b51
tree d1029d3f5dccd6dbba74b1d0b445fa2b5ee4ffb4
parent 906357f77a077508d160e729f917c5f0a4304f25
lockdown: Lock down /proc/kcore

Disallow access to /proc/kcore when the kernel is locked down to prevent
access to cryptographic data. This is limited to lockdown
confidentiality mode and is still permitted in integrity mode.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Matthew Garrett <mjg59@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: James Morris <jmorris@namei.org>
fs/proc/kcore.c
include/linux/security.h
security/lockdown/lockdown.c