tracefs: Restrict tracefs when the kernel is locked down
author Matthew Garrett <matthewgarrett@google.com>
Wed, 31 Jul 2019 22:16:15 +0000 (15:16 -0700)
committer Ben Hutchings <ben@decadent.org.uk>
Tue, 19 Nov 2019 01:43:33 +0000 (01:43 +0000)
commit 47b161ab4f723cdf115e09f9a55b80586137b10e
tree 3e358d567ed4dde04069ea483c1eb0bfc2b473b8
parent a260130c556ade77746e6bac7b316e5bf1ec9505
tracefs: Restrict tracefs when the kernel is locked down

Tracefs may release more information about the kernel than desirable, so
restrict it when the kernel is locked down in confidentiality mode by
preventing open().

Signed-off-by: Matthew Garrett <mjg59@google.com>
Reviewed-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
[bwh: Convert back to the non-LSM lockdown API]

Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name 0031-tracefs-Restrict-tracefs-when-the-kernel-is-locked-d.patch
fs/tracefs/inode.c