[PATCH 18/27] bpf: Restrict kernel image access functions when the kernel is locked down
joeyli
jlee at suse.com
Wed Oct 25 07:07:30 UTC 2017
On Mon, Oct 23, 2017 at 03:53:00PM +0100, David Howells wrote:
> jlee at suse.com wrote:
>
> > hm... patch 4 only prevents write_mem() but not read_mem().
> > Or I missed anything?
>
> Actually, yes, as it happens, patch 11 prevents you from even opening /dev/mem
> and /dev/kmem by locking down open of /dev/port. So I've moved this bit to
> patch 4, simplified and posted a new variant for patch 4.
>
Thank you for pointing out!
Joey Lee
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive
mailing list