[02/30] Add a SysRq option to lift kernel lockdown
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=
a420ebff9e6d0153119096706918e3925ea860fc
Make an option to provide a sysrq key that will lift the kernel lockdown,
thereby allowing the running kernel image to be accessed and modified.
On x86 this is triggered with SysRq+x, but this key may not be available on
all arches, so it is set by setting LOCKDOWN_LIFT_KEY in asm/setup.h.
Since this macro must be defined in an arch to be able to use this facility
for that arch, the Kconfig option is restricted to arches that support it.
Signed-off-by: Kyle McMartin <kyle@redhat.com>
Signed-off-by: David Howells <dhowells@redhat.com>
cc: x86@kernel.org
[bwh: Forward-ported to upstream lockdown:
- Change config dependency to SECURITY_LOCKDOWN_LSM
- Compare kernel_locked_down with LOCKDOWN_NONE instead of treating it
as a bool
- Adjust filenames, context]
Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name add-a-sysrq-option-to-lift-kernel-lockdown.patch
projects / linux.git / commit