Re: [RFC 2/2] Add the ability to lock down access to the running kernel image

2019-05-21 Thread James Morris
On Tue, 21 May 2019, Matthew Garrett wrote:

> + int (*locked_down)(const char *where, enum lockdown_level level);

> +static int lockdown_is_locked_down(const char *what, enum lockdown_level
> level)

I'm guessing 'what' is the best option here.

--
James Morris
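
Review bot: the first parameter is named `where` in the `locked_down` hook declaration but `what` in `lockdown_is_locked_down`, so the prototype and its implementation disagree on what the string means. Use one name in both places, and state next to the hook declaration what the string is expected to describe, since a caller reading only the prototype cannot tell whether to pass a location or a description of the blocked operation.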

[RFC 2/2] Add the ability to lock down access to the running kernel image

2019-05-21 Thread Matthew Garrett
From: David Howells

Provide a single call to allow kernel code to determine whether the system should be locked down, thereby disallowing various accesses that might allow the running kernel image to be changed including the loading of modules that aren't validly signed with a key we recognise,