projects / linux-4.9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: af81759) | patch
kexec: Disable at runtime if securelevel has been set.
authorMatthew Garrett <mjg59@srcf.ucam.org>
Fri, 9 Aug 2013 07:33:56 +0000 (03:33 -0400)
committerYves-Alexis Perez <corsac@debian.org>
Fri, 9 Feb 2018 12:58:52 +0000 (12:58 +0000)
commit1edb7d725700d74fff7874ad685bdbcf72ed63ba
tree66f1771c53706ecc664ee46e7c594415682c6b97tree | snapshot
parentaf81759b099b779afaa6bb8092dc579975d85434commit | diff
kexec: Disable at runtime if securelevel has been set.

kexec permits the loading and execution of arbitrary code in ring 0, which
permits the modification of the running kernel. Prevent this if securelevel
has been set.

Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
Gbp-Pq: Topic features/all/securelevel
Gbp-Pq: Name kexec-disable-at-runtime-if-securelevel-has-been-set.patch
kernel/kexec.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.