Re: [PATCH RESEND] lockdown: Allow unprivileged users to see lockdown status
From: James Morris
Date: Thu May 14 2020 - 13:28:22 EST
On Thu, 14 May 2020, Jeremy Cline wrote:
> A number of userspace tools, such as systemtap, need a way to see the
> current lockdown state so they can gracefully deal with the kernel being
> locked down. The state is already exposed in
> /sys/kernel/security/lockdown, but is only readable by root. Adjust the
> permissions so unprivileged users can read the state.
>
> Fixes: 000d388ed3bb ("security: Add a static lockdown policy LSM")
> Cc: Frank Ch. Eigler <fche@xxxxxxxxxx>
> Signed-off-by: Jeremy Cline <jcline@xxxxxxxxxx>
Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next-general
--
James Morris
<jmorris@xxxxxxxxx>