linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH 00/27] security, efi: Add kernel lockdown
@ 2017-10-19 14:50 David Howells
  2017-10-19 14:50 ` [PATCH 01/27] Add the ability to lock down access to the running kernel image David Howells
                   ` (30 more replies)
  0 siblings, 31 replies; 156+ messages in thread
From: David Howells @ 2017-10-19 14:50 UTC (permalink / raw)
  To: linux-security-module
  Cc: gnomes, linux-efi, matthew.garrett, gregkh, linux-kernel,
	dhowells, jforbes


Here's a set of patches to institute a "locked-down mode" in the kernel and
to trigger that mode if the kernel is booted in secure-boot mode or through
the command line.

Enabling CONFIG_LOCK_DOWN_KERNEL makes lockdown mode available.

Enabling CONFIG_ALLOW_LOCKDOWN_LIFT_BY_SYSRQ will allow a SysRq combination
to lift the lockdown.  On x86 this is SysRq+x.  The keys must be pressed on
an attached keyboard.

Enabling CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT will cause EFI secure boot to
trigger kernel lockdown.

Inside the kernel, kernel_is_locked_down() is used to check if the kernel
is in lockdown mode.

Note that the secure boot mode entry doesn't work if the kernel is booted
from older versions of i386/x86_64 Grub as there's a bug in Grub whereby it
doesn't initialise the boot_params correctly.  The incorrect initialisation
causes sanitize_boot_params() to be triggered, thereby zapping the secure
boot flag determined by the EFI boot wrapper.

A manual page, kernel_lockdown.7, is proposed, to which people will be
directed by messages in dmesg.  This lists the features that are restricted
amongst other things.

I'm aware there may be things that aren't yet handled, but we can add those
later.

====================
PROPOSED MANUAL PAGE
====================

.\"
.\" Copyright (C) 2017 Red Hat, Inc. All Rights Reserved.
.\" Written by David Howells (dhowells@redhat.com)
.\"
.\" % % %LICENSE_START(GPLv2+_SW_ONEPARA)
.\" This program is free software; you can redistribute it and/or
.\" modify it under the terms of the GNU General Public License
.\" as published by the Free Software Foundation; either version
.\" 2 of the License, or (at your option) any later version.
.\" % % %LICENSE_END
.\"
.TH "KERNEL LOCKDOWN" 7 2017-10-05 Linux "Linux Programmer's Manual"
.SH NAME
Kernel Lockdown \- Kernel image access prevention feature
.SH DESCRIPTION
The Kernel Lockdown feature is designed to prevent both direct and indirect
access to a running kernel image, attempting to protect against unauthorised
modification of the kernel image and to prevent access to security and
cryptographic data located in kernel memory, whilst still permitting driver
modules to be loaded.
.P
Lockdown is typically enabled during boot and may be terminated, if configured,
by typing a special key combination on a directly attached physical keyboard.
.P
If a prohibited or restricted feature is accessed or used, the kernel will emit
a message that looks like:
.P
.RS
	Lockdown: X is restricted, see man kernel_lockdown.7
.RE
.P
where X indicates what is restricted.
.P
On an EFI-enabled x86 or arm64 machine, lockdown will be automatically enabled
if the system boots in EFI Secure Boot mode.
.P
If the kernel is appropriately configured, lockdown may be lifted by typing the
appropriate sequence on a directly attached physical keyboard.  For x86
machines, this is
.IR SysRq+x .
.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
.SH COVERAGE
When lockdown is in effect, a number of things are disabled or restricted in
use.  This includes special device files and kernel services that allow direct
access of the kernel image:
.P
.RS
/dev/mem
.br
/dev/kmem
.br
/dev/kcore
.br
/dev/ioports
.br
BPF memory access functions
.RE
.P
and the ability to directly configure and control devices, so as to prevent the
use of a device to access or modify a kernel image:
.P
.RS
The use of module parameters that directly specify hardware parameters to
drivers through the kernel command line or when loading a module.
.P
The use of direct PCI BAR access.
.P
The use of the ioperm and iopl instructions on x86.
.P
The use of the KD*IO console ioctls.
.P
The use of the TIOCSSERIAL serial ioctl.
.P
The alteration of MSR registers on x86.
.P
The replacement of the PCMCIA CIS.
.P
The overriding of ACPI tables.
.P
The use of ACPI error injection.
.P
The specification of the ACPI RDSP address.
.P
The use of ACPI custom methods.
.RE
.P
The following facilities are restricted:
.P
.RS
Only validly signed modules may be loaded.
.P
Only validly signed binaries may be kexec'd.
.P
Only validly signed device firmware may be loaded.
.P
Unencrypted hibernation/suspend to swap are disallowed as the kernel image is
saved to a medium that can then be accessed.
.P
Use of debugfs is not permitted as this allows a whole range of actions
including direct configuration of, access to and driving of hardware.
.RE
.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
.SH SEE ALSO
.ad l
.nh


The patches can be found here also:

	http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=efi-lock-down

Tagged thusly:

	git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git
	lockdown-20171019

David
---
Chun-Yi Lee (2):
      kexec_file: Disable at runtime if securelevel has been set
      bpf: Restrict kernel image access functions when the kernel is locked down

Dave Young (1):
      Copy secure_boot flag in boot params across kexec reboot

David Howells (11):
      Add the ability to lock down access to the running kernel image
      Enforce module signatures if the kernel is locked down
      scsi: Lock down the eata driver
      Prohibit PCMCIA CIS storage when the kernel is locked down
      Lock down TIOCSSERIAL
      Lock down module params that specify hardware parameters (eg. ioport)
      x86/mmiotrace: Lock down the testmmiotrace module
      debugfs: Disallow use of debugfs files when the kernel is locked down
      Lock down /proc/kcore
      efi: Add an EFI_SECURE_BOOT flag to indicate secure boot mode
      efi: Lock down the kernel if booted in secure boot mode

Josh Boyer (2):
      hibernate: Disable when the kernel is locked down
      acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down

Kyle McMartin (1):
      Add a SysRq option to lift kernel lockdown

Linn Crosetto (2):
      acpi: Disable ACPI table override if the kernel is locked down
      acpi: Disable APEI error injection if the kernel is locked down

Matthew Garrett (8):
      Restrict /dev/mem and /dev/kmem when the kernel is locked down
      kexec: Disable at runtime if the kernel is locked down
      uswsusp: Disable when the kernel is locked down
      PCI: Lock down BAR access when the kernel is locked down
      x86: Lock down IO port access when the kernel is locked down
      x86/msr: Restrict MSR access when the kernel is locked down
      asus-wmi: Restrict debugfs interface when the kernel is locked down
      ACPI: Limit access to custom_method when the kernel is locked down


 arch/x86/include/asm/setup.h      |    2 +
 arch/x86/kernel/ioport.c          |    6 +-
 arch/x86/kernel/kexec-bzimage64.c |    1 
 arch/x86/kernel/msr.c             |    7 ++
 arch/x86/kernel/setup.c           |   18 +-----
 arch/x86/mm/testmmiotrace.c       |    3 +
 drivers/acpi/apei/einj.c          |    3 +
 drivers/acpi/custom_method.c      |    3 +
 drivers/acpi/osl.c                |    2 -
 drivers/acpi/tables.c             |    5 ++
 drivers/char/mem.c                |    8 +++
 drivers/firmware/efi/Makefile     |    1 
 drivers/firmware/efi/secureboot.c |   37 +++++++++++++
 drivers/input/misc/uinput.c       |    1 
 drivers/pci/pci-sysfs.c           |    9 +++
 drivers/pci/proc.c                |    9 +++
 drivers/pci/syscall.c             |    3 +
 drivers/pcmcia/cistpl.c           |    3 +
 drivers/platform/x86/asus-wmi.c   |    9 +++
 drivers/scsi/eata.c               |    5 +-
 drivers/tty/serial/serial_core.c  |    6 ++
 drivers/tty/sysrq.c               |   19 ++++--
 fs/debugfs/file.c                 |    6 ++
 fs/proc/kcore.c                   |    2 +
 include/linux/efi.h               |   16 +++--
 include/linux/input.h             |    5 ++
 include/linux/kernel.h            |   17 ++++++
 include/linux/security.h          |    8 +++
 include/linux/sysrq.h             |    8 ++-
 kernel/debug/kdb/kdb_main.c       |    2 -
 kernel/kexec.c                    |    7 ++
 kernel/kexec_file.c               |    7 ++
 kernel/module.c                   |    3 +
 kernel/params.c                   |   26 +++++++--
 kernel/power/hibernate.c          |    2 -
 kernel/power/user.c               |    3 +
 kernel/trace/bpf_trace.c          |   11 ++++
 security/Kconfig                  |   37 +++++++++++++
 security/Makefile                 |    3 +
 security/lock_down.c              |  109 +++++++++++++++++++++++++++++++++++++
 40 files changed, 391 insertions(+), 41 deletions(-)
 create mode 100644 drivers/firmware/efi/secureboot.c
 create mode 100644 security/lock_down.c

^ permalink raw reply	[flat|nested] 156+ messages in thread
* [PULL REQUEST] Lock down patches
@ 2019-02-28 21:28 Matthew Garrett
  2019-02-28 23:11 ` [PATCH 01/27] Add the ability to lock down access to the running kernel image Matthew Garrett
  0 siblings, 1 reply; 156+ messages in thread
From: Matthew Garrett @ 2019-02-28 21:28 UTC (permalink / raw)
  To: jmorris; +Cc: LSM List, Linux Kernel Mailing List, David Howells

Hi James,

David is low on cycles at the moment, so I'm taking over for this time
round. This patchset introduces an optional kernel lockdown feature,
intended to strengthen the boundary between UID 0 and the kernel. When
enabled and active (by enabling the config option and passing the
"lockdown" option on the kernel command line), various pieces of
kernel functionality are restricted. Applications that rely on
low-level access to either hardware or the kernel may cease working as
a result - therefore this should not be enabled without appropriate
evaluation beforehand.

The majority of mainstream distributions have been carrying variants
of this patchset for many years now, so there's value in providing a
unified upstream implementation to reduce the delta. This PR probably
doesn't meet every distribution requirement, but gets us much closer
to not requiring external patches.

This PR is mostly the same as the previous attempt, but with the
following changes:

1) The integration between EFI secure boot and the lockdown state has
been removed
2) A new CONFIG_KERNEL_LOCK_DOWN_FORCE kconfig option has been added,
which will always enable lockdown regardless of the kernel command
line
3) The integration with IMA has been dropped for now. Requiring the
use of the IMA secure boot policy when lockdown is enabled isn't
practical for most distributions at the moment, as there's still not a
great deal of infrastructure for shipping packages with appropriate
IMA signatures, and it makes it complicated for end users to manage
custom IMA policies.

The following changes since commit a3b22b9f11d9fbc48b0291ea92259a5a810e9438:

  Linux 5.0-rc7 (2019-02-17 18:46:40 -0800)

are available in the Git repository at:

  https://github.com/mjg59/linux lock_down

for you to fetch changes up to 43e004ecae91bf9159b8e91cd1d613e58b8f63f8:

  lockdown: Print current->comm in restriction messages (2019-02-28
11:19:23 -0800)

----------------------------------------------------------------
Dave Young (1):
      Copy secure_boot flag in boot params across kexec reboot

David Howells (12):
      Add the ability to lock down access to the running kernel image
      Enforce module signatures if the kernel is locked down
      Prohibit PCMCIA CIS storage when the kernel is locked down
      Lock down TIOCSSERIAL
      Lock down module params that specify hardware parameters (eg. ioport)
      x86/mmiotrace: Lock down the testmmiotrace module
      Lock down /proc/kcore
      Lock down kprobes
      bpf: Restrict kernel image access functions when the kernel is locked down
      Lock down perf
      debugfs: Restrict debugfs when the kernel is locked down
      lockdown: Print current->comm in restriction messages

Jiri Bohac (2):
      kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
      kexec_file: Restrict at runtime if the kernel is locked down

Josh Boyer (2):
      hibernate: Disable when the kernel is locked down
      acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down

Kyle McMartin (1):
      Add a SysRq option to lift kernel lockdown

Linn Crosetto (2):
      acpi: Disable ACPI table override if the kernel is locked down
      acpi: Disable APEI error injection if the kernel is locked down

Matthew Garrett (7):
      Restrict /dev/{mem,kmem,port} when the kernel is locked down
      kexec_load: Disable at runtime if the kernel is locked down
      uswsusp: Disable when the kernel is locked down
      PCI: Lock down BAR access when the kernel is locked down
      x86: Lock down IO port access when the kernel is locked down
      x86/msr: Restrict MSR access when the kernel is locked down
      ACPI: Limit access to custom_method when the kernel is locked down

 arch/x86/Kconfig                       |  20 ++++++++++++-----
 arch/x86/include/asm/setup.h           |   2 ++
 arch/x86/kernel/ioport.c               |   6 ++++--
 arch/x86/kernel/kexec-bzimage64.c      |   1 +
 arch/x86/kernel/msr.c                  |  10 +++++++++
 arch/x86/mm/testmmiotrace.c            |   3 +++
 crypto/asymmetric_keys/verify_pefile.c |   4 +++-
 drivers/acpi/apei/einj.c               |   3 +++
 drivers/acpi/custom_method.c           |   3 +++
 drivers/acpi/osl.c                     |   2 +-
 drivers/acpi/tables.c                  |   5 +++++
 drivers/char/mem.c                     |   2 ++
 drivers/input/misc/uinput.c            |   1 +
 drivers/pci/pci-sysfs.c                |   9 ++++++++
 drivers/pci/proc.c                     |   9 +++++++-
 drivers/pci/syscall.c                  |   3 ++-
 drivers/pcmcia/cistpl.c                |   3 +++
 drivers/tty/serial/serial_core.c       |   6 ++++++
 drivers/tty/sysrq.c                    |  19 +++++++++++------
 fs/debugfs/file.c                      |  28 ++++++++++++++++++++++++
 fs/debugfs/inode.c                     |  30 ++++++++++++++++++++++++--
 fs/proc/kcore.c                        |   2 ++
 include/linux/ima.h                    |   6 ++++++
 include/linux/input.h                  |   5 +++++
 include/linux/kernel.h                 |  17 +++++++++++++++
 include/linux/kexec.h                  |   4 ++--
 include/linux/security.h               |   9 +++++++-
 include/linux/sysrq.h                  |   8 ++++++-
 kernel/bpf/syscall.c                   |   3 +++
 kernel/debug/kdb/kdb_main.c            |   2 +-
 kernel/events/core.c                   |   5 +++++
 kernel/kexec.c                         |   7 ++++++
 kernel/kexec_file.c                    |  56
++++++++++++++++++++++++++++++++++++++++++------
 kernel/kprobes.c                       |   3 +++
 kernel/module.c                        |  56
++++++++++++++++++++++++++++++++++++------------
 kernel/params.c                        |  26 ++++++++++++++++++-----
 kernel/power/hibernate.c               |   2 +-
 kernel/power/user.c                    |   3 +++
 security/Kconfig                       |  24 +++++++++++++++++++++
 security/Makefile                      |   3 +++
 security/lock_down.c                   | 106
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 41 files changed, 466 insertions(+), 50 deletions(-)
 create mode 100644 security/lock_down.c

^ permalink raw reply	[flat|nested] 156+ messages in thread
* [PULL REQUEST] Kernel lockdown patches for 5.2
@ 2019-03-06 23:58 Matthew Garrett
  2019-03-06 23:58 ` [PATCH 03/27] Enforce module signatures if the kernel is locked down Matthew Garrett
  0 siblings, 1 reply; 156+ messages in thread
From: Matthew Garrett @ 2019-03-06 23:58 UTC (permalink / raw)
  To: jmorris; +Cc: linux-security-module, linux-kernel, dhowells

Hi James,

This patchset introduces an optional kernel lockdown feature,
intended to strengthen the boundary between UID 0 and the kernel. When
enabled and active (by enabling the config option and passing the
"lockdown" option on the kernel command line), various pieces of
kernel functionality are restricted. Applications that rely on
low-level access to either hardware or the kernel may cease working as
a result - therefore this should not be enabled without appropriate
evaluation beforehand.

The majority of mainstream distributions have been carrying variants
of this patchset for many years now, so there's value in providing a
unified upstream implementation to reduce the delta. This PR probably
doesn't meet every distribution requirement, but gets us much closer
to not requiring external patches.

This PR is mostly the same as the previous attempt, but with the
following changes:

1) The integration between EFI secure boot and the lockdown state has
been removed
2) A new CONFIG_KERNEL_LOCK_DOWN_FORCE kconfig option has been added,
which will always enable lockdown regardless of the kernel command
line
3) The integration with IMA has been dropped for now. IMA is in the
process of adding support for architecture-specific policies that will
interact correctly with the lockdown feature, and a followup patch will
integrate that so we don't end up with an ordering dependency on the
merge

The following changes since commit 468e91cecb3218afd684b8c422490dfebe0691bb:

  keys: fix missing __user in KEYCTL_PKEY_QUERY (2019-03-04 15:48:37 -0800)

are available in the Git repository at:

  https://github.com/mjg59/linux lock_down

for you to fetch changes up to 3d53449e0ac1df8cfdcc1ec48dc9cb622f220300:

  lockdown: Print current->comm in restriction messages (2019-03-06 13:32:19 -0800)

----------------------------------------------------------------
Dave Young (1):
      Copy secure_boot flag in boot params across kexec reboot

David Howells (12):
      Add the ability to lock down access to the running kernel image
      Enforce module signatures if the kernel is locked down
      Prohibit PCMCIA CIS storage when the kernel is locked down
      Lock down TIOCSSERIAL
      Lock down module params that specify hardware parameters (eg. ioport)
      x86/mmiotrace: Lock down the testmmiotrace module
      Lock down /proc/kcore
      Lock down kprobes
      bpf: Restrict kernel image access functions when the kernel is locked down
      Lock down perf
      debugfs: Restrict debugfs when the kernel is locked down
      lockdown: Print current->comm in restriction messages

Jiri Bohac (2):
      kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
      kexec_file: Restrict at runtime if the kernel is locked down

Josh Boyer (2):
      hibernate: Disable when the kernel is locked down
      acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down

Kyle McMartin (1):
      Add a SysRq option to lift kernel lockdown

Linn Crosetto (2):
      acpi: Disable ACPI table override if the kernel is locked down
      acpi: Disable APEI error injection if the kernel is locked down

Matthew Garrett (7):
      Restrict /dev/{mem,kmem,port} when the kernel is locked down
      kexec_load: Disable at runtime if the kernel is locked down
      uswsusp: Disable when the kernel is locked down
      PCI: Lock down BAR access when the kernel is locked down
      x86: Lock down IO port access when the kernel is locked down
      x86/msr: Restrict MSR access when the kernel is locked down
      ACPI: Limit access to custom_method when the kernel is locked down

 arch/x86/Kconfig                       |  20 +++++--
 arch/x86/include/asm/setup.h           |   2 +
 arch/x86/kernel/ioport.c               |   6 +-
 arch/x86/kernel/kexec-bzimage64.c      |   1 +
 arch/x86/kernel/msr.c                  |  10 ++++
 arch/x86/mm/testmmiotrace.c            |   3 +
 crypto/asymmetric_keys/verify_pefile.c |   4 +-
 drivers/acpi/apei/einj.c               |   3 +
 drivers/acpi/custom_method.c           |   3 +
 drivers/acpi/osl.c                     |   2 +-
 drivers/acpi/tables.c                  |   5 ++
 drivers/char/mem.c                     |   2 +
 drivers/input/misc/uinput.c            |   1 +
 drivers/pci/pci-sysfs.c                |   9 +++
 drivers/pci/proc.c                     |   9 ++-
 drivers/pci/syscall.c                  |   3 +-
 drivers/pcmcia/cistpl.c                |   3 +
 drivers/tty/serial/serial_core.c       |   6 ++
 drivers/tty/sysrq.c                    |  19 ++++--
 fs/debugfs/file.c                      |  28 +++++++++
 fs/debugfs/inode.c                     |  30 +++++++++-
 fs/proc/kcore.c                        |   2 +
 include/linux/input.h                  |   5 ++
 include/linux/kernel.h                 |  17 ++++++
 include/linux/kexec.h                  |   4 +-
 include/linux/security.h               |   9 ++-
 include/linux/sysrq.h                  |   8 ++-
 kernel/bpf/syscall.c                   |   3 +
 kernel/debug/kdb/kdb_main.c            |   2 +-
 kernel/events/core.c                   |   5 ++
 kernel/kexec.c                         |   7 +++
 kernel/kexec_file.c                    |  54 ++++++++++++++---
 kernel/kprobes.c                       |   3 +
 kernel/module.c                        |  39 +++++++++---
 kernel/params.c                        |  26 ++++++--
 kernel/power/hibernate.c               |   2 +-
 kernel/power/user.c                    |   3 +
 security/Kconfig                       |  24 ++++++++
 security/Makefile                      |   3 +
 security/lock_down.c                   | 106 +++++++++++++++++++++++++++++++++
 40 files changed, 447 insertions(+), 44 deletions(-)
 create mode 100644 security/lock_down.c



^ permalink raw reply	[flat|nested] 156+ messages in thread

end of thread, other threads:[~2019-03-09  4:45 UTC | newest]

Thread overview: 156+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-10-19 14:50 [PATCH 00/27] security, efi: Add kernel lockdown David Howells
2017-10-19 14:50 ` [PATCH 01/27] Add the ability to lock down access to the running kernel image David Howells
2017-10-20 23:19   ` James Morris
2017-10-19 14:50 ` [PATCH 02/27] Add a SysRq option to lift kernel lockdown David Howells
2017-10-19 17:20   ` Randy Dunlap
2017-10-19 22:12   ` David Howells
2017-11-07 17:39   ` Thiago Jung Bauermann
2017-11-07 22:56   ` David Howells
2017-10-19 14:50 ` [PATCH 03/27] Enforce module signatures if the kernel is locked down David Howells
2017-10-20  6:33   ` joeyli
2017-10-20 23:21   ` James Morris
2017-10-27 18:48   ` Mimi Zohar
2017-10-30 17:00   ` David Howells
2017-10-30 17:52     ` Mimi Zohar
2017-11-02 17:22   ` David Howells
2017-11-02 19:13     ` Mimi Zohar
2017-11-02 21:30     ` David Howells
2017-11-02 21:41       ` Mimi Zohar
2017-11-02 22:01       ` David Howells
2017-11-02 22:18         ` Mimi Zohar
2017-10-19 14:51 ` [PATCH 04/27] Restrict /dev/mem and /dev/kmem when " David Howells
2017-10-20  6:37   ` joeyli
2017-10-20 23:21   ` James Morris
2017-10-19 14:51 ` [PATCH 05/27] kexec: Disable at runtime if " David Howells
2017-10-20  6:38   ` joeyli
2017-10-20 23:22   ` James Morris
2017-10-19 14:51 ` [PATCH 06/27] Copy secure_boot flag in boot params across kexec reboot David Howells
2017-10-20  6:40   ` joeyli
2017-10-19 14:51 ` [PATCH 07/27] kexec_file: Disable at runtime if securelevel has been set David Howells
2017-10-20 23:26   ` James Morris
2017-10-23 15:54   ` Mimi Zohar
2017-10-26  7:42     ` joeyli
2017-10-26 14:17       ` Mimi Zohar
2017-10-27 19:30         ` Mimi Zohar
2017-10-27 19:32         ` Mimi Zohar
2017-10-28  8:34           ` joeyli
2017-10-29 22:26             ` Mimi Zohar
2017-10-30  9:00       ` David Howells
2017-10-30 12:01         ` Mimi Zohar
2017-10-26 15:02     ` David Howells
2017-10-26 15:46       ` Mimi Zohar
2017-10-30 15:49       ` David Howells
2017-10-30 16:43         ` Mimi Zohar
2017-11-02 17:00         ` David Howells
2017-10-26 14:51   ` David Howells
2017-11-02 17:29   ` David Howells
2017-10-19 14:51 ` [PATCH 08/27] hibernate: Disable when the kernel is locked down David Howells
2017-10-20  6:40   ` joeyli
2017-10-19 14:51 ` [PATCH 09/27] uswsusp: " David Howells
2017-10-20  6:41   ` joeyli
2017-10-20 23:29   ` James Morris
2017-10-19 14:51 ` [PATCH 10/27] PCI: Lock down BAR access " David Howells
2017-10-20  6:42   ` joeyli
2017-10-19 14:51 ` [PATCH 11/27] x86: Lock down IO port " David Howells
2017-10-20  6:43   ` joeyli
2017-10-19 14:52 ` [PATCH 12/27] x86/msr: Restrict MSR " David Howells
2017-10-20  6:43   ` joeyli
2017-10-20 18:09   ` Alan Cox
2017-10-20 20:48   ` David Howells
2017-10-21  4:39     ` joeyli
2017-10-23 14:49   ` David Howells
2017-10-25 14:03     ` joeyli
2017-10-19 14:52 ` [PATCH 13/27] asus-wmi: Restrict debugfs interface " David Howells
2017-10-20  6:44   ` joeyli
2017-10-19 14:52 ` [PATCH 14/27] ACPI: Limit access to custom_method " David Howells
2017-10-20  6:45   ` joeyli
2017-10-19 14:52 ` [PATCH 15/27] acpi: Ignore acpi_rsdp kernel param when the kernel has been " David Howells
2017-10-20  6:45   ` joeyli
2017-10-19 14:52 ` [PATCH 16/27] acpi: Disable ACPI table override if the kernel is " David Howells
2017-10-20  6:46   ` joeyli
2017-10-19 14:52 ` [PATCH 17/27] acpi: Disable APEI error injection " David Howells
2017-10-20  6:47   ` joeyli
2017-10-19 14:52 ` [PATCH 18/27] bpf: Restrict kernel image access functions when " David Howells
2017-10-19 22:18   ` Alexei Starovoitov
2017-10-20  2:47     ` joeyli
2017-10-20  8:08     ` David Howells
2017-10-20 15:57       ` jlee
2017-10-20 23:00         ` Alexei Starovoitov
2017-10-23 14:51         ` David Howells
2017-10-20 16:03       ` David Howells
2017-10-20 16:43         ` jlee
2017-10-23 14:53         ` David Howells
2017-10-25  7:07           ` joeyli
2017-10-19 22:48   ` David Howells
2017-10-19 23:31     ` Alexei Starovoitov
2017-11-09 17:15     ` David Howells
2017-10-19 14:52 ` [PATCH 19/27] scsi: Lock down the eata driver David Howells
2017-10-19 14:53 ` [PATCH 20/27] Prohibit PCMCIA CIS storage when the kernel is locked down David Howells
2017-10-19 14:53 ` [PATCH 21/27] Lock down TIOCSSERIAL David Howells
2017-10-19 14:53 ` [PATCH 22/27] Lock down module params that specify hardware parameters (eg. ioport) David Howells
2017-10-19 14:53 ` [PATCH 23/27] x86/mmiotrace: Lock down the testmmiotrace module David Howells
2017-10-19 14:53 ` [PATCH 24/27] debugfs: Disallow use of debugfs files when the kernel is locked down David Howells
2017-10-19 14:53 ` [PATCH 25/27] Lock down /proc/kcore David Howells
2017-10-21  2:11   ` James Morris
2017-10-23 14:56   ` David Howells
2017-10-19 14:53 ` [PATCH 26/27] efi: Add an EFI_SECURE_BOOT flag to indicate secure boot mode David Howells
2017-10-21  2:19   ` James Morris
2017-10-23 14:58   ` David Howells
2017-10-19 14:53 ` [PATCH 27/27] efi: Lock down the kernel if booted in " David Howells
2017-10-19 22:39 ` [PATCH 00/27] security, efi: Add kernel lockdown David Howells
2017-10-23 14:34 ` [PATCH 04/27] Restrict /dev/mem and /dev/kmem when the kernel is locked down David Howells
2017-10-24 10:48   ` Ethan Zhao
2017-10-24 14:56   ` David Howells
2017-11-02 22:01 ` [PATCH 00/27] security, efi: Add kernel lockdown Mimi Zohar
2017-11-02 22:04 ` Firmware signing -- " David Howells
2017-11-02 22:10   ` Mimi Zohar
2017-11-07 23:07     ` Luis R. Rodriguez
2017-11-08  6:15       ` AKASHI, Takahiro
2017-11-08 19:46         ` Luis R. Rodriguez
2017-11-09  1:48           ` AKASHI, Takahiro
2017-11-09  2:17             ` Mimi Zohar
2017-11-09  4:46               ` AKASHI, Takahiro
2017-11-10 13:37                 ` Mimi Zohar
2017-11-11  2:32                 ` Alan Cox
2017-11-13 11:49                   ` Mimi Zohar
2017-11-13 17:42                   ` Luis R. Rodriguez
2017-11-13 21:08                     ` Alan Cox
2017-12-04 19:51                       ` Luis R. Rodriguez
2017-12-07 15:32                         ` Alan Cox
2017-11-13 21:44                     ` David Howells
2017-11-13 22:09                       ` Linus Torvalds
2017-11-14  0:20                         ` Alan Cox
2017-11-14 12:21                         ` Mimi Zohar
2017-11-14 12:38                           ` Greg Kroah-Hartman
2017-11-14 13:17                             ` Mimi Zohar
2017-11-14 17:34                           ` Linus Torvalds
2017-11-14 19:58                             ` Matthew Garrett
2017-11-14 20:18                               ` Linus Torvalds
2017-11-14 20:31                                 ` Matthew Garrett
2017-11-14 20:35                                   ` Linus Torvalds
2017-11-14 20:37                                     ` Matthew Garrett
2017-11-14 20:50                                 ` Luis R. Rodriguez
2017-11-14 20:55                                   ` Matthew Garrett
2017-11-14 22:14                                     ` James Bottomley
2017-11-14 22:17                                       ` Matthew Garrett
2017-11-14 22:31                                         ` James Bottomley
2017-11-14 22:34                                           ` Matthew Garrett
2017-11-15 11:49                                   ` Mimi Zohar
2017-11-15 17:52                                     ` Luis R. Rodriguez
2017-11-15 19:56                                       ` Mimi Zohar
2017-11-15 20:46                                         ` Luis R. Rodriguez
2017-11-16  0:05                                           ` Mimi Zohar
2017-12-05 10:27                                 ` Pavel Machek
2017-12-07 23:02                                   ` Luis R. Rodriguez
2017-12-08 17:11                                     ` Alan Cox
2017-11-10  1:46             ` Luis R. Rodriguez
2017-11-10 13:45               ` Mimi Zohar
2017-11-13 18:50                 ` Luis R. Rodriguez
2017-11-13 19:08                   ` Luis R. Rodriguez
2017-11-08 20:01       ` Mimi Zohar
2017-11-08 20:09         ` Luis R. Rodriguez
2019-02-28 21:28 [PULL REQUEST] Lock down patches Matthew Garrett
2019-02-28 23:11 ` [PATCH 01/27] Add the ability to lock down access to the running kernel image Matthew Garrett
2019-02-28 23:11   ` [PATCH 03/27] Enforce module signatures if the kernel is locked down Matthew Garrett
2019-03-06 23:58 [PULL REQUEST] Kernel lockdown patches for 5.2 Matthew Garrett
2019-03-06 23:58 ` [PATCH 03/27] Enforce module signatures if the kernel is locked down Matthew Garrett
2019-03-08 23:00   ` James Morris
2019-03-08 23:30     ` Matthew Garrett
2019-03-09  4:45       ` James Morris

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).