projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cc9dea7) | patch
kexec: Disable at runtime if securelevel has been set.
authorMatthew Garrett <mjg59@srcf.ucam.org>
Fri, 9 Aug 2013 07:33:56 +0000 (03:33 -0400)
committerBen Hutchings <ben@decadent.org.uk>
Tue, 2 May 2017 15:21:44 +0000 (15:21 +0000)
commit412c20b1c892fcc4b6d5eea555a7961773c8a12a
treed05e4e9d026a99f9013ffa7e12b75eabb1061983tree | snapshot
parentcc9dea763681369202220c7296f6c41226cd33b5commit | diff
kexec: Disable at runtime if securelevel has been set.

kexec permits the loading and execution of arbitrary code in ring 0, which
permits the modification of the running kernel. Prevent this if securelevel
has been set.

Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
Gbp-Pq: Topic features/all/securelevel
Gbp-Pq: Name kexec-disable-at-runtime-if-securelevel-has-been-set.patch
kernel/kexec.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.