[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1377169317-5959-9-git-send-email-jlee@suse.com>
Date: Thu, 22 Aug 2013 19:01:47 +0800
From: "Lee, Chun-Yi" <joeyli.kernel@...il.com>
To: linux-kernel@...r.kernel.org
Cc: linux-security-module@...r.kernel.org, linux-efi@...r.kernel.org,
linux-pm@...r.kernel.org, linux-crypto@...r.kernel.org,
opensuse-kernel@...nsuse.org, David Howells <dhowells@...hat.com>,
"Rafael J. Wysocki" <rjw@...k.pl>,
Matthew Garrett <mjg59@...f.ucam.org>,
Len Brown <len.brown@...el.com>, Pavel Machek <pavel@....cz>,
Josh Boyer <jwboyer@...hat.com>,
Vojtech Pavlik <vojtech@...e.cz>,
Matt Fleming <matt.fleming@...el.com>,
James Bottomley <james.bottomley@...senpartnership.com>,
Greg KH <gregkh@...uxfoundation.org>, JKosina@...e.com,
Rusty Russell <rusty@...tcorp.com.au>,
Herbert Xu <herbert@...dor.apana.org.au>,
"David S. Miller" <davem@...emloft.net>,
"H. Peter Anvin" <hpa@...or.com>, Michal Marek <mmarek@...e.cz>,
Gary Lin <GLin@...e.com>, Vivek Goyal <vgoyal@...hat.com>,
Matthew Garrett <mjg@...hat.com>,
"Lee, Chun-Yi" <jlee@...e.com>
Subject: [PATCH 08/18] Secure boot: Add new capability
From: Matthew Garrett <mjg@...hat.com>
Secure boot adds certain policy requirements, including that root must not
be able to do anything that could cause the kernel to execute arbitrary code.
The simplest way to handle this would seem to be to add a new capability
and gate various functionality on that. We'll then strip it from the initial
capability set if required.
Signed-off-by: Matthew Garrett <mjg@...hat.com>
Acked-by: Lee, Chun-Yi <jlee@...e.com>
Signed-off-by: Lee, Chun-Yi <jlee@...e.com>
---
include/uapi/linux/capability.h | 6 +++++-
1 files changed, 5 insertions(+), 1 deletions(-)
diff --git a/include/uapi/linux/capability.h b/include/uapi/linux/capability.h
index ba478fa..7109e65 100644
--- a/include/uapi/linux/capability.h
+++ b/include/uapi/linux/capability.h
@@ -343,7 +343,11 @@ struct vfs_cap_data {
#define CAP_BLOCK_SUSPEND 36
-#define CAP_LAST_CAP CAP_BLOCK_SUSPEND
+/* Allow things that trivially permit root to modify the running kernel */
+
+#define CAP_COMPROMISE_KERNEL 37
+
+#define CAP_LAST_CAP CAP_COMPROMISE_KERNEL
#define cap_valid(x) ((x) >= 0 && (x) <= CAP_LAST_CAP)
--
1.6.4.2
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists