[PATCH 07/27] kexec_file: Disable at runtime if securelevel has been set
James Morris
james.l.morris at oracle.com
Fri Oct 20 23:26:22 UTC 2017
On Thu, 19 Oct 2017, David Howells wrote:
> From: Chun-Yi Lee <joeyli.kernel at gmail.com>
>
> When KEXEC_VERIFY_SIG is not enabled, kernel should not loads image
> through kexec_file systemcall if securelevel has been set.
>
> This code was showed in Matthew's patch but not in git:
> https://lkml.org/lkml/2015/3/13/778
>
Reviewed-by: James Morris <james.l.morris at oracle.com>
--
James Morris
<james.l.morris at oracle.com>
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive
mailing list