tracefs: Restrict tracefs when the kernel is locked down
author Matthew Garrett <matthewgarrett@google.com>
Tue, 20 Aug 2019 00:18:03 +0000 (17:18 -0700)
committer James Morris <jmorris@namei.org>
Tue, 20 Aug 2019 04:54:17 +0000 (21:54 -0700)
commit ccbd54ff54e8b1880456b81c4aea352ebe208843
tree 86b2e1acc2014eea41ceb006e17459b0878bd764
parent 5496197f9b084f086cb410dd566648b0896fcc74
tracefs: Restrict tracefs when the kernel is locked down

Tracefs may release more information about the kernel than desirable, so
restrict it when the kernel is locked down in confidentiality mode by
preventing open().

(Fixed by Ben Hutchings to avoid a null dereference in
default_file_open())

Signed-off-by: Matthew Garrett <mjg59@google.com>
Reviewed-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Cc: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: James Morris <jmorris@namei.org>
fs/tracefs/inode.c
include/linux/security.h
security/lockdown/lockdown.c
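
The behaviour the commit message describes (open() refused in confidentiality mode, and no call through a missing open handler) can be modelled in user space. This is an added example, not the kernel's code and not part of this commit; the `model_*` types, `proxy_open`, `trace_open` and `try_open` are hypothetical, and the reduced enum only assumes that a reason is denied when the active lockdown level is at or above it.

```c
#include <errno.h>
#include <stddef.h>

/* Reduced model of the lockdown levels; order matters for the comparison. */
enum lockdown_reason {
    LOCKDOWN_NONE,
    LOCKDOWN_INTEGRITY_MAX,       /* integrity mode */
    LOCKDOWN_TRACEFS,             /* a confidentiality-only restriction */
    LOCKDOWN_CONFIDENTIALITY_MAX, /* confidentiality mode */
};

static enum lockdown_reason kernel_locked_down = LOCKDOWN_NONE;

/* Model of the lockdown hook: 0 if allowed, -EPERM if denied. */
static int security_locked_down(enum lockdown_reason what)
{
    return kernel_locked_down >= what ? -EPERM : 0;
}

/* Hypothetical stand-ins for struct file_operations and struct file. */
struct model_file;
struct model_fops { int (*open)(struct model_file *f); };
struct model_file { const struct model_fops *real_fops; int opened; };

/* Proxy open: check lockdown first, then defer to the file's own open().
 * Some files have no open handler, so test the pointer before calling. */
static int proxy_open(struct model_file *f)
{
    int ret = security_locked_down(LOCKDOWN_TRACEFS);
    if (ret)
        return ret;
    if (f->real_fops && f->real_fops->open)
        return f->real_fops->open(f);
    return 0;
}

static int trace_open(struct model_file *f) { f->opened = 1; return 0; }

/* Open a file (with or without its own handler) at a given lockdown level. */
static int try_open(enum lockdown_reason level, int with_handler)
{
    static const struct model_fops with = { .open = trace_open };
    static const struct model_fops without = { .open = NULL };
    struct model_file f = { with_handler ? &with : &without, 0 };
    kernel_locked_down = level;
    return proxy_open(&f);
}

int main(void) { return try_open(LOCKDOWN_CONFIDENTIALITY_MAX, 1) == -EPERM ? 0 : 1; }
```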