| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250321102422.640271-1-nik.borisov@suse.com> Date: Fri, 21 Mar 2025 12:24:19 +0200 From: Nikolay Borisov <nik.borisov@...e.com> To: linux-security-module@...r.kernel.org Cc: paul@...l-moore.com, serge@...lyn.com, kees@...nel.org, linux-kernel@...r.kernel.org, kirill.shutemov@...ux.intel.com, linux-coco@...ts.linux.dev, Nikolay Borisov <nik.borisov@...e.com> Subject: [PATCH 0/2] Allow individual features to be locked down This simple change allows usecases where someone might want to lock only specific feature at a finer granularity than integrity/confidentiality levels allows. The first likely user of this is the CoCo subsystem where certain features will be disabled. Nikolay Borisov (2): lockdown: Switch implementation to using bitmap lockdown/kunit: Introduce kunit tests security/lockdown/Kconfig | 5 +++ security/lockdown/Makefile | 1 + security/lockdown/lockdown.c | 24 +++++++++----- security/lockdown/lockdown_test.c | 55 +++++++++++++++++++++++++++++++ 4 files changed, 77 insertions(+), 8 deletions(-) create mode 100644 security/lockdown/lockdown_test.c -- 2.43.0
Powered by blists - more mailing lists