subject:"\[PATCH V34 21\/29\] Lock down \/proc\/kcore"

Re: [PATCH V34 21/29] Lock down /proc/kcore

2019-06-22 Thread Kees Cook

On Fri, Jun 21, 2019 at 05:03:50PM -0700, Matthew Garrett wrote: > From: David Howells > > Disallow access to /proc/kcore when the kernel is locked down to prevent > access to cryptographic data. This is limited to lockdown > confidentiality mode and is still permitted in integrity mode. > > Sig

[PATCH V34 21/29] Lock down /proc/kcore

2019-06-21 Thread Matthew Garrett

From: David Howells Disallow access to /proc/kcore when the kernel is locked down to prevent access to cryptographic data. This is limited to lockdown confidentiality mode and is still permitted in integrity mode. Signed-off-by: David Howells Signed-off-by: Matthew Garrett --- fs/proc/kcore.c