]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/commit
projects / mirror_ubuntu-bionic-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 73796cb) | patch
UBUNTU: SAUCE: (efi-lockdown) Really don't allow lifting lockdown from userspace
authorSeth Forshee <seth.forshee@canonical.com>
Tue, 5 Nov 2019 20:35:04 +0000 (14:35 -0600)
committerStefan Bader <stefan.bader@canonical.com>
Tue, 12 Nov 2019 18:04:39 +0000 (19:04 +0100)
commit1c59aeeaa09d42c7718bfdd2e1f7612987dae561
tree1b859be144dff298962fd205f9f7802627f09446tree
parent73796cba5898d2d1106866239d1bbf72beca9cabcommit | diff
UBUNTU: SAUCE: (efi-lockdown) Really don't allow lifting lockdown from userspace

BugLink: https://bugs.launchpad.net/bugs/1851380
"UBUNTU: SAUCE: (efi-lockdown) Add a SysRq option to lift kernel
lockdown" adds a sysrq key to lift kernel lockdown, which is
meant to only allow a physically present user to lift lockdown
using a keyboard. However, the code has a bug which also allows
root to lift lockdown through /proc/sysrq-trigger. Fix this bug
to make this work as intended.

Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
Acked-by: Connor Kuehl <connor.kuehl@canonical.com>
Acked-by: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Khalid Elmously <khalid.elmously@canonical.com>
drivers/tty/sysrq.c diff | blob | blame | history
ubuntu-bionic-kernel mirror