tracefs: Restrict tracefs when the kernel is locked down

Tracefs may release more information about the kernel than desirable, so
restrict it when the kernel is locked down in confidentiality mode by
preventing open().

(Fixed by Ben Hutchings to avoid a null dereference in
default_file_open())

Signed-off-by: Matthew Garrett <mjg59@google.com>
Reviewed-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Cc: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: James Morris <jmorris@namei.org>
Matthew Garrett 2019-08-19 17:18:03 -07:00 committed by James Morris
parent 5496197f9b
commit ccbd54ff54
3 changed files with 43 additions and 1 deletions

@ -121,6 +121,7 @@ enum lockdown_reason {
LOCKDOWN_KPROBES,
LOCKDOWN_BPF_READ,
LOCKDOWN_PERF,
LOCKDOWN_TRACEFS,
LOCKDOWN_CONFIDENTIALITY_MAX,
};
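
Review bot: The new LOCKDOWN_TRACEFS enumerator, added just before LOCKDOWN_CONFIDENTIALITY_MAX, carries no comment, and this hunk does not show a matching human-readable entry for it; if any table is indexed by enum lockdown_reason, it needs a slot for the new value, otherwise a denial logged for this reason would have no description. Placing it below LOCKDOWN_CONFIDENTIALITY_MAX agrees with the commit message's "confidentiality mode", so the ordering is right. The insertion also shifts the numeric value of LOCKDOWN_CONFIDENTIALITY_MAX by one, so it is worth confirming that nothing relies on the old number rather than the symbol.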