[PATCH v2 0/3] Allow individual features to be locked down
Nikolay Borisov
nik.borisov at suse.com
Thu Aug 14 10:02:36 UTC 2025
On 8/14/25 11:59, Nicolas Bouchinet wrote:
> Hi Nikolay,
>
> After discussing with Xiu, we have decided not to accept this patchset.
>
> The goal of Lockdown being to draw a clear line between ring-0 and uid-0,
> having a more granular way to activate Lockdown will break it. Primarily
> because most lockdown-reasons can be bypassed if used independently.
>
> Even if the goal of Lockdown were to be redefined, we would need to ensure the
> security interdependence between different lockdown-reasons. This is highly
> tied to where people calls the `security_locked_down` hook and thus is out of
> our maintenance scope.
>
> Having coarse-grained lockdown reasons and integrity/confidentiality levels
> allows us to ensure that all of the reasons are correctly locked down.
>
> Best regards,
>
> Nicolas
Thanks for the feedback, to try and not have all this code go to waste,
what about consdering patch 2 - kunits tests. Apart from
lockdown_test_individual_level() the other tests are applicable to the
existing lockdown implementation and can aid in future developments?
More information about the Linux-security-module-archive
mailing list