Re: [PATCH V32 01/27] Add the ability to lock down access to the running kernel image

2019-04-29 Thread Andrew Donnellan
On 29/4/19 2:54 pm, Daniel Axtens wrote: Hi, I'm thinking about whether we should lock down the powerpc xmon debug monitor - intuitively, I think the answer is yes if for no other reason than Least Astonishment, when lockdown is enabled you probably don't expect xmon to keep letting you access

Re: [PATCH V32 01/27] Add the ability to lock down access to the running kernel image

2019-04-28 Thread Daniel Axtens
Hi, >>> I'm thinking about whether we should lock down the powerpc xmon debug >>> monitor - intuitively, I think the answer is yes if for no other reason >>> than Least Astonishment, when lockdown is enabled you probably don't >>> expect xmon to keep letting you access kernel memory. >> >> The or

Re: [PATCH V32 01/27] Add the ability to lock down access to the running kernel image

2019-04-28 Thread Daniel Axtens
Matthew Garrett writes: > On Tue, Apr 16, 2019 at 1:40 AM Andrew Donnellan > wrote: >> I'm thinking about whether we should lock down the powerpc xmon debug >> monitor - intuitively, I think the answer is yes if for no other reason >> than Least Astonishment, when lockdown is enabled you probabl

Re: [PATCH V32 01/27] Add the ability to lock down access to the running kernel image

2019-04-17 Thread Daniel Axtens
Hi Andrew, >> +If CONFIG_LOCK_DOWN_KERNEL is enabled, the kernel can be >> +moved to a more locked down state at runtime by writing to >> +this attribute. Valid values are: >> + >> +integrity: >> +The kernel will disable functiona

Re: [PATCH V32 01/27] Add the ability to lock down access to the running kernel image

2019-04-16 Thread Andrew Donnellan
On 4/4/19 11:32 am, Matthew Garrett wrote: diff --git a/Documentation/ABI/testing/lockdown b/Documentation/ABI/testing/lockdown new file mode 100644 index ..5bd51e20917a --- /dev/null +++ b/Documentation/ABI/testing/lockdown @@ -0,0 +1,19 @@ +What: security/lockdown +Date:
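Review bot: the `What:` line of the new Documentation/ABI/testing/lockdown entry gives only a relative name, `security/lockdown`, so the entry does not tell a reader where the attribute appears in the filesystem. Suggest giving the full path as userspace sees it, so that an administrator auditing the lockdown state of a machine knows exactly which file to read or write.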