diff options
| author | Augusto Caringi <acaringi@redhat.com> | 2020-06-29 15:02:20 -0300 |
|---|---|---|
| committer | Augusto Caringi <acaringi@redhat.com> | 2020-06-29 15:02:20 -0300 |
| commit | 9b53592daf7ec9906beefa9e36772dafcf446132 (patch) | |
| tree | ad225c0978d9a8ab32e649eb21b43492525b3c4e /0001-security-lockdown-expose-a-hook-to-lock-the-kernel-d.patch | |
| parent | a6d5bdfa755afd46b7cb294d2a32a4f53e79aef3 (diff) | |
| download | kernel-9b53592daf7ec9906beefa9e36772dafcf446132.tar.gz kernel-9b53592daf7ec9906beefa9e36772dafcf446132.tar.xz kernel-9b53592daf7ec9906beefa9e36772dafcf446132.zip | |
kernel-5.8.0-0.rc3.1
* Mon Jun 29 2020 Fedora Kernel Team <kernel-team@fedoraproject.org> [5.8.0-0.rc3.1]
- v5.8-rc3 rebase
- s390x-zfcpdump: Handle missing Module.symvers file (Don Zickus)
- Updated changelog for the release based on 8be3a53e18e0 (Fedora Kernel Team)
Resolves: rhbz#
Signed-off-by: Augusto Caringi <acaringi@redhat.com>
Diffstat (limited to '0001-security-lockdown-expose-a-hook-to-lock-the-kernel-d.patch')
| -rw-r--r-- | 0001-security-lockdown-expose-a-hook-to-lock-the-kernel-d.patch | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-d.patch b/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-d.patch index 3b44f9801..9ff44e79b 100644 --- a/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-d.patch +++ b/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-d.patch @@ -22,11 +22,11 @@ index 6791813cd439..501e14cff79c 100644 +++ b/include/linux/lsm_hook_defs.h @@ -383,6 +383,8 @@ LSM_HOOK(void, LSM_RET_VOID, bpf_prog_free_security, struct bpf_prog_aux *aux) #endif /* CONFIG_BPF_SYSCALL */ - + LSM_HOOK(int, 0, locked_down, enum lockdown_reason what) +LSM_HOOK(int, 0, lock_kernel_down, const char *where, enum lockdown_reason level) + - + #ifdef CONFIG_PERF_EVENTS LSM_HOOK(int, 0, perf_event_open, struct perf_event_attr *attr, int type) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h @@ -56,7 +56,7 @@ index 0a0a03b36a3b..26869f44416b 100644 int security_locked_down(enum lockdown_reason what); +int security_lock_kernel_down(const char *where, enum lockdown_reason level); #else /* CONFIG_SECURITY */ - + static inline int call_blocking_lsm_notifier(enum lsm_event event, void *data) @@ -1291,6 +1292,10 @@ static inline int security_locked_down(enum lockdown_reason what) { @@ -67,19 +67,19 @@ index 0a0a03b36a3b..26869f44416b 100644 + return 0; +} #endif /* CONFIG_SECURITY */ - + #if defined(CONFIG_SECURITY) && defined(CONFIG_WATCH_QUEUE) diff --git a/security/lockdown/lockdown.c b/security/lockdown/lockdown.c index 87cbdc64d272..18555cf18da7 100644 --- a/security/lockdown/lockdown.c +++ b/security/lockdown/lockdown.c @@ -73,6 +73,7 @@ static int lockdown_is_locked_down(enum lockdown_reason what) - + static struct security_hook_list lockdown_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(locked_down, lockdown_is_locked_down), + LSM_HOOK_INIT(lock_kernel_down, lock_kernel_down), }; - + static int __init lockdown_lsm_init(void) diff --git a/security/security.c b/security/security.c index 0ce3e73edd42..8fe9a9911261 100644 @@ -88,7 +88,7 @@ index 0ce3e73edd42..8fe9a9911261 100644 @@ -2501,6 +2501,12 @@ int security_locked_down(enum lockdown_reason what) } EXPORT_SYMBOL(security_locked_down); - + +int security_lock_kernel_down(const char *where, enum lockdown_reason level) +{ + return call_int_hook(lock_kernel_down, 0, where, level); @@ -99,5 +99,5 @@ index 0ce3e73edd42..8fe9a9911261 100644 int security_perf_event_open(struct perf_event_attr *attr, int type) { -- -2.26.2 +2.25.4 |