projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c037a2c) | patch
Restrict /dev/mem and /dev/kmem when the kernel is locked down
authorMatthew Garrett <matthew.garrett@nebula.com>
Wed, 5 Apr 2017 16:40:30 +0000 (17:40 +0100)
committerBen Hutchings <ben@decadent.org.uk>
Fri, 22 Dec 2017 14:12:23 +0000 (14:12 +0000)
commit8289c0fdb439f983bfa7547d90153e04f0f49afa
tree8d12cf1d0b71ef6ba7e6a5559a326645b7fa1e6btree | snapshot
parentc037a2c7df4bd0d933fcc3844462674ed4b834bfcommit | diff
Restrict /dev/mem and /dev/kmem when the kernel is locked down

Allowing users to write to address space makes it possible for the kernel to
be subverted, avoiding module loading restrictions.  Prevent this when the
kernel has been locked down.

Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name 0042-Restrict-dev-mem-and-dev-kmem-when-the-kernel-is-loc.patch
drivers/char/mem.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.