summaryrefslogtreecommitdiff
path: root/security/lockdown
diff options
context:
space:
mode:
authorChristopher M. Riedl <cmr@informatik.wtf>2019-09-07 01:11:24 -0500
committerMichael Ellerman <mpe@ellerman.id.au>2019-10-28 21:54:15 +1100
commit69393cb03ccdf29f3b452d3482ef918469d1c098 (patch)
tree875a3709277c308df80ba2e923fd71db5c543a4b /security/lockdown
parent96664dee5cf1815777286227b09884b4f019727f (diff)
downloadlinux-rpi-69393cb03ccdf29f3b452d3482ef918469d1c098.tar.gz
linux-rpi-69393cb03ccdf29f3b452d3482ef918469d1c098.tar.bz2
linux-rpi-69393cb03ccdf29f3b452d3482ef918469d1c098.zip
powerpc/xmon: Restrict when kernel is locked down
Xmon should be either fully or partially disabled depending on the kernel lockdown state. Put xmon into read-only mode for lockdown=integrity and prevent user entry into xmon when lockdown=confidentiality. Xmon checks the lockdown state on every attempted entry: (1) during early xmon'ing (2) when triggered via sysrq (3) when toggled via debugfs (4) when triggered via a previously enabled breakpoint The following lockdown state transitions are handled: (1) lockdown=none -> lockdown=integrity set xmon read-only mode (2) lockdown=none -> lockdown=confidentiality clear all breakpoints, set xmon read-only mode, prevent user re-entry into xmon (3) lockdown=integrity -> lockdown=confidentiality clear all breakpoints, set xmon read-only mode, prevent user re-entry into xmon Suggested-by: Andrew Donnellan <ajd@linux.ibm.com> Signed-off-by: Christopher M. Riedl <cmr@informatik.wtf> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Link: https://lore.kernel.org/r/20190907061124.1947-3-cmr@informatik.wtf
Diffstat (limited to 'security/lockdown')
-rw-r--r--security/lockdown/lockdown.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/security/lockdown/lockdown.c b/security/lockdown/lockdown.c
index 8a10b43daf74..c1a9e5f3a19d 100644
--- a/security/lockdown/lockdown.c
+++ b/security/lockdown/lockdown.c
@@ -31,12 +31,14 @@ static const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1] = {
[LOCKDOWN_MODULE_PARAMETERS] = "unsafe module parameters",
[LOCKDOWN_MMIOTRACE] = "unsafe mmio",
[LOCKDOWN_DEBUGFS] = "debugfs access",
+ [LOCKDOWN_XMON_WR] = "xmon write access",
[LOCKDOWN_INTEGRITY_MAX] = "integrity",
[LOCKDOWN_KCORE] = "/proc/kcore access",
[LOCKDOWN_KPROBES] = "use of kprobes",
[LOCKDOWN_BPF_READ] = "use of bpf to read kernel RAM",
[LOCKDOWN_PERF] = "unsafe use of perf",
[LOCKDOWN_TRACEFS] = "use of tracefs",
+ [LOCKDOWN_XMON_RW] = "xmon read and write access",
[LOCKDOWN_CONFIDENTIALITY_MAX] = "confidentiality",
};