projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bea59fe) | patch
kexec: Disable at runtime if securelevel has been set.
authorMatthew Garrett <mjg59@srcf.ucam.org>
Fri, 9 Aug 2013 07:33:56 +0000 (03:33 -0400)
committerBen Hutchings <ben@decadent.org.uk>
Mon, 12 Jun 2017 15:24:30 +0000 (15:24 +0000)
commit33dd888fce1b396b2cff5861d79f9588b5041eb1
tree74938e5e098d040edbe1a7b9dfb852bf912bac64tree | snapshot
parentbea59fec931b22c671edcaa53187ea0727dbe442commit | diff
kexec: Disable at runtime if securelevel has been set.

kexec permits the loading and execution of arbitrary code in ring 0, which
permits the modification of the running kernel. Prevent this if securelevel
has been set.

Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
Gbp-Pq: Topic features/all/securelevel
Gbp-Pq: Name kexec-disable-at-runtime-if-securelevel-has-been-set.patch
kernel/kexec.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.