[PATCH 0/2][SRU][B/D/E] Don't allow lifting of lockdown via /proc/sysrq-trigger
Seth Forshee
seth.forshee at canonical.com
Tue Nov 5 20:35:03 UTC 2019
BugLink: https://bugs.launchpad.net/bugs/1851380
SRU Justification
Impact: The kernel lockdown support adds a sysrq to allow a physically
present user to disable lockdown from the keyboard. A bug in the
implementation makes it possible to also lift lockdown by writing to
/proc/sysrq-trigger.
Fix: Correct the logic to disallow disabling lockdown via
/proc/sysrq-trigger.
Test Case: Write "x" to /proc/sysrq-trigger. When working properly there
should be no messages in dmesg about lifting lockdown, and lockdown
restrictions (e.g. loading unsigned modules) should remain in effect.
Regression Potential: Anyone using /proc/sysrq-trigger to disable
lockdown will no longer be able to do so. Implementation bugs could
prevent use of the sysrq from the keyboard from disabling lockdown, but
this has been confrimed to still work with the fix in place.
Note that xenial uses an older implementation of these patches which
does not have any sysrq mechanism for lifting lockdown, and thus it is
not affected.
Thanks,
Seth
More information about the kernel-team
mailing list