tracefs: Restrict tracefs when the kernel is locked down
author Matthew Garrett <matthewgarrett@google.com>
Wed, 31 Jul 2019 22:16:15 +0000 (15:16 -0700)
committer Ben Hutchings <ben@decadent.org.uk>
Wed, 21 Aug 2019 12:48:11 +0000 (13:48 +0100)
commit 1d7cb18003ea2743ea8adf614160cf9d9aa1e620
tree f6dcfc0be824cbb31fbfd16280e06e4bd428a8e6
parent 5f8698463ea92d3568dc0c2d9f0e92f1992f1d4b
tracefs: Restrict tracefs when the kernel is locked down

Tracefs may release more information about the kernel than desirable, so
restrict it when the kernel is locked down in confidentiality mode by
preventing open().

Signed-off-by: Matthew Garrett <mjg59@google.com>
Reviewed-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
[bwh: Convert back to the non-LSM lockdown API]

Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name 0031-tracefs-Restrict-tracefs-when-the-kernel-is-locked-d.patch
fs/tracefs/inode.c