[PATCH 1/3] security: add Lilium - Linux Integrity Lock-In User Module

Serge E. Hallyn serge at hallyn.com
Sat May 31 22:37:22 UTC 2025


On Sat, May 31, 2025 at 01:19:27PM +0000, ℰ𝓃𝓏ℴ ℱ𝓊𝓀ℯ wrote:
> This patch adds the Lilium (Linux Integrity Lock-In User Module) security module that blocks ptrace, mmap/mprotect with PROT_EXEC, kexec_load, clone and unshar, delete_module, init_module, open and openat, and ioctl, with modular configuration via sysfs.

1. Please send your patches as inline text, one patch per email
2. Your MAINTAINERS patch has the whole file, not a patch
3. The other patches actually lack the contents of the files you are adding.

-serge



More information about the Linux-security-module-archive mailing list