tracefs: Restrict tracefs when the kernel is locked down
author Matthew Garrett <matthewgarrett@google.com>
Wed, 31 Jul 2019 22:16:15 +0000 (15:16 -0700)
committer Salvatore Bonaccorso <carnil@debian.org>
Thu, 26 Sep 2019 12:19:06 +0000 (13:19 +0100)
commit 5a0a657c15cec2e486a66f4ed517245b470cdd5a
tree e69222c8b3b7f8d023f190bc4b2599757dc9a541
parent 32e70864a6c6507879bab7b190357543f215b6b9
tracefs: Restrict tracefs when the kernel is locked down

Tracefs may release more information about the kernel than desirable, so
restrict it when the kernel is locked down in confidentiality mode by
preventing open().

Signed-off-by: Matthew Garrett <mjg59@google.com>
Reviewed-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
[bwh: Convert back to the non-LSM lockdown API]

Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name 0031-tracefs-Restrict-tracefs-when-the-kernel-is-locked-d.patch
fs/tracefs/inode.c