Re: Draft manpage explaining kernel lockdown

From: Pavel Machek
Date: Wed Nov 15 2017 - 16:13:28 EST

Next message: Linus Torvalds: "Re: leaking_addresses script.."
Previous message: Pavel Machek: "Re: [PATCH] Support for secure erase functionality"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

> Attached is a draft for a manual page (kernel_lockdown.7) that I intend to
> point at from messages emitted when the kernel prohibits something because the
> kernel is in 'lockdown' mode, typically triggered by EFI secure
> boot.

What about livepatching? It allows kernel modifications.. and it has
some interestlingly insecure /sys controls being merged just now...

Pavel

--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

Attachment: signature.asc
Description: Digital signature

Next message: Linus Torvalds: "Re: leaking_addresses script.."
Previous message: Pavel Machek: "Re: [PATCH] Support for secure erase functionality"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]