projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f298641) | patch
Restrict /dev/mem and /dev/kmem when the kernel is locked down
authorMatthew Garrett <matthew.garrett@nebula.com>
Wed, 5 Apr 2017 16:40:30 +0000 (17:40 +0100)
committerBen Hutchings <ben@decadent.org.uk>
Sat, 12 Aug 2017 22:09:26 +0000 (23:09 +0100)
commit0077bd5f0a50deac395194e628d48b806b1d538d
tree31ce9e70ab8b434da82c3216a1c0e3b57f48398dtree | snapshot
parentf298641f14bc3117b07935c459b6d83c470cfa43commit | diff
Restrict /dev/mem and /dev/kmem when the kernel is locked down

Allowing users to write to address space makes it possible for the kernel to
be subverted, avoiding module loading restrictions.  Prevent this when the
kernel has been locked down.

Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name 0042-Restrict-dev-mem-and-dev-kmem-when-the-kernel-is-loc.patch
drivers/char/mem.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.