Finn Thain wrote:
> I can see how base addresses and IO ports are relevant, but the irq
> parameter changes below don't protect the kernel image AFAICT. What's the
> rationale for those changes? I think it should be stated here.
Easier grepping for one. But I'm also currently preventing the c
On Thu, 1 Dec 2016, David Howells wrote:
> When the kernel is running in secure boot mode, we lock down the kernel
> to prevent userspace from modifying the running kernel image. Whilst
> this includes prohibiting access to things like /dev/mem, it must also
> prevent access by means of confi
When the kernel is running in secure boot mode, we lock down the kernel to
prevent userspace from modifying the running kernel image. Whilst this
includes prohibiting access to things like /dev/mem, it must also prevent
access by means of configuring driver modules in such a way as to cause a
devi
3 matches
Mail list logo