On 6 April 2017 at 13:29, Alexei Starovoitov
wrote:
> On Wed, Apr 05, 2017 at 09:17:25PM +0100, David Howells wrote:
>> From: Chun-Yi Lee
>>
>> There are some bpf functions can be used to read kernel memory:
>> bpf_probe_read, bpf_probe_write_user and
Sorry, I forgot to include a cover note.
These five patches would replace 1-3 & 6 from my Kernel Lockdown series. The
additional patch moves the secure boot switch from x86 to generic code.
David
--
To unsubscribe from this list: send the line "unsubscribe linux-efi" in
the body of a message to
Hi Boris,
On 03/17/2017 05:17 AM, Borislav Petkov wrote:
On Thu, Mar 16, 2017 at 11:25:36PM +0100, Paolo Bonzini wrote:
The kvmclock memory is initially zero so there is no need for the
hypervisor to allocate anything; the point of these patches is just to
access the data in a natural way from
Move the switch-statement in x86's setup_arch() that inteprets the
secure_boot boot parameter to generic code.
Suggested-by: Ard Biesheuvel
Signed-off-by: David Howells
---
arch/x86/kernel/setup.c| 14 +-
On Wed, Apr 05, 2017 at 09:17:25PM +0100, David Howells wrote:
> From: Chun-Yi Lee
>
> There are some bpf functions can be used to read kernel memory:
> bpf_probe_read, bpf_probe_write_user and bpf_trace_printk. These allow
> private keys in kernel memory (e.g. the hibernation
From: Josh Boyer
UEFI machines can be booted in Secure Boot mode. Add a EFI_SECURE_BOOT bit
that can be passed to efi_enabled() to find out whether secure boot is
enabled.
This will be used by the SysRq+x handler, registered by the x86 arch, to
find out whether
Provide a single call to allow kernel code to determine whether the system
should be locked down, thereby disallowing various accesses that might
allow the running kernel image to be changed including the loading of
modules that aren't validly signed with a key we recognise, fiddling with
MSR
From: Kyle McMartin
Make sysrq+x exit secure boot mode on x86_64, thereby allowing the running
kernel image to be modified. This lifts the lockdown.
Signed-off-by: Kyle McMartin
Signed-off-by: David Howells
cc: x...@kernel.org
---
Hi Rafael,
On Tue, Mar 28, 2017 at 01:30:30PM -0600, Tyler Baicar wrote:
> Tyler Baicar (9):
> acpi: apei: read ack upon ghes record consumption
> ras: acpi/apei: cper: generic error data entry v3 per ACPI 6.1
> efi: parse ARM processor error
> arm64: exception: handle Synchronous
[Adding the EFI maintainers]
Tl;DR: Xen's EFI wrappery doesn't implement reset_system, so when
invoked on arm64 we get a NULL dereference.
On Thu, Apr 06, 2017 at 04:39:13PM +0100, Julien Grall wrote:
> On 06/04/17 16:20, Daniel Kiper wrote:
> >On Thu, Apr 06, 2017 at 04:38:24PM +0200, Juergen
Hi Brijesh,
On Thu, Apr 06, 2017 at 09:05:03AM -0500, Brijesh Singh wrote:
> I looked into arch/x86/mm/init_{32,64}.c and as you pointed the file contains
> routines to do basic page splitting. I think it sufficient for our usage.
Good :)
> I should be able to drop the memblock patch from the
On 04/06/2017 12:25 PM, Borislav Petkov wrote:
Hi Brijesh,
On Thu, Apr 06, 2017 at 09:05:03AM -0500, Brijesh Singh wrote:
I looked into arch/x86/mm/init_{32,64}.c and as you pointed the file contains
routines to do basic page splitting. I think it sufficient for our usage.
Good :)
I
On Thu, 6 Apr 2017, Rafael J. Wysocki wrote:
> >>> Your swap partition may be located on an NVDIMM or be encrypted.
> >>
> >> An NVDIMM should be considered the same as any other persistent storage.
> >>
> >> It may be encrypted, but where's the key stored, how easy is it to retrieve
> >> and
On Wed, Apr 5, 2017 at 10:16 PM, David Howells wrote:
> From: Josh Boyer
>
> This option allows userspace to pass the RSDP address to the kernel, which
> makes it possible for a user to circumvent any restrictions imposed on
> loading modules. Ignore the
On Thu, Apr 6, 2017 at 8:55 AM, David Howells wrote:
> Rafael J. Wysocki wrote:
>
>> You probably want to disable hibernation altogether in this case.
>
> See patch 10. Does that mean patch 11 is superfluous?
Yes, it does.
You can't open /dev/snapshot
On Thu, Apr 6, 2017 at 10:09 PM, Rafael J. Wysocki wrote:
> On Thu, Apr 6, 2017 at 10:41 AM, David Howells wrote:
>> Oliver Neukum wrote:
>>
>>> Your swap partition may be located on an NVDIMM or be encrypted.
>>
>> An NVDIMM should be
On Thu, 6 Apr 2017, David Howells wrote:
> James Morris wrote:
>
> > > +static __read_mostly bool kernel_locked_down;
> >
> > How about marking this __ro_after_init if ALLOW_LOCKDOWN_LIFT is not
> > configured?
>
> I guess lock_kernel_down() would need to be __init also in
On Thu, 6 Apr 2017, David Howells wrote:
> Provide a single call to allow kernel code to determine whether the system
> should be locked down, thereby disallowing various accesses that might
> allow the running kernel image to be changed including the loading of
> modules that aren't validly
James Morris wrote:
> > The patches can be found here also:
> >
> >
> > http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=efi-lockdown
> >
>
> Do you mean the branch 'efi-lock-down' ?
Sorry, yes.
David
--
To unsubscribe from this list: send the
Rafael J. Wysocki wrote:
> You probably want to disable hibernation altogether in this case.
See patch 10. Does that mean patch 11 is superfluous?
David
--
To unsubscribe from this list: send the line "unsubscribe linux-efi" in
the body of a message to
Ard Biesheuvel wrote:
> > @@ -1184,6 +1184,7 @@ void __init setup_arch(char **cmdline_p)
> > pr_info("Secure boot disabled\n");
> > break;
> > case efi_secureboot_mode_enabled:
> > +
On Wed, 5 Apr 2017, David Howells wrote:
> +#include
> +#include
> +
> +static __read_mostly bool kernel_locked_down;
How about marking this __ro_after_init if ALLOW_LOCKDOWN_LIFT is not
configured?
--
James Morris
--
To unsubscribe from this list: send the line
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Baoquan He
commit a46f60d76004965e5669dbf3fc21ef3bc3632eb4 upstream.
Currently KASLR is enabled on three regions: the direct mapping of physical
memory, vamlloc and vmemmap.
4.10-stable review patch. If anyone has any objections, please let me know.
--
From: Baoquan He
commit a46f60d76004965e5669dbf3fc21ef3bc3632eb4 upstream.
Currently KASLR is enabled on three regions: the direct mapping of physical
memory, vamlloc and vmemmap.
Oliver Neukum wrote:
> Your swap partition may be located on an NVDIMM or be encrypted.
An NVDIMM should be considered the same as any other persistent storage.
It may be encrypted, but where's the key stored, how easy is it to retrieve
and does the swapout code know this?
>
On 04/05/17 at 09:15pm, David Howells wrote:
> From: Chun-Yi Lee
>
> When KEXEC_VERIFY_SIG is not enabled, kernel should not loads image
> through kexec_file systemcall if securelevel has been set.
>
> This code was showed in Matthew's patch but not in git:
>
On 04/05/17 at 09:15pm, David Howells wrote:
> From: Matthew Garrett
>
> kexec permits the loading and execution of arbitrary code in ring 0, which
> is something that lock-down is meant to prevent. It makes sense to disable
> kexec in this situation.
>
> This does
On Fri, 2017-04-07 at 11:05 +0800, Dave Young wrote:
> On 04/05/17 at 09:15pm, David Howells wrote:
> > From: Chun-Yi Lee
> >
> > When KEXEC_VERIFY_SIG is not enabled, kernel should not loads image
> > through kexec_file systemcall if securelevel has been set.
> >
> >
28 matches
Mail list logo