Go to file
Matthew Garrett 95f5e95f41 x86/msr: Restrict MSR access when the kernel is locked down
Writing to MSRs should not be allowed if the kernel is locked down, since
it could lead to execution of arbitrary code in kernel mode.  Based on a
patch by Kees Cook.

Signed-off-by: Matthew Garrett <mjg59@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
cc: x86@kernel.org
Signed-off-by: James Morris <jmorris@namei.org>
2019-08-19 21:54:16 -07:00
arch x86/msr: Restrict MSR access when the kernel is locked down 2019-08-19 21:54:16 -07:00
block blk-mq: fix up placement of debugfs directory of queue files 2019-07-06 10:07:38 -06:00
certs treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36 2019-05-24 17:27:11 +02:00
crypto kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE 2019-08-19 21:54:15 -07:00
Documentation security: Add a static lockdown policy LSM 2019-08-19 21:54:15 -07:00
drivers PCI: Lock down BAR access when the kernel is locked down 2019-08-19 21:54:15 -07:00
fs Merge branch 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-06 09:53:08 -07:00
include x86/msr: Restrict MSR access when the kernel is locked down 2019-08-19 21:54:16 -07:00
init lockdown: Enforce module signatures if the kernel is locked down 2019-08-19 21:54:15 -07:00
ipc treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
kernel hibernate: Disable when the kernel is locked down 2019-08-19 21:54:15 -07:00
lib Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-05 13:31:19 +09:00
LICENSES LICENSES: Rename other to deprecated 2019-05-03 06:34:32 -06:00
mm Revert "mm: page cache: store only head pages in i_pages" 2019-07-05 19:55:18 -07:00
net Two more quick bugfixes for nfsd, fixing a regression causing mount 2019-07-05 19:00:37 -07:00
samples samples: make pidfd-metadata fail gracefully on older kernels 2019-06-24 15:55:50 +02:00
scripts treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 505 2019-06-19 17:11:22 +02:00
security x86/msr: Restrict MSR access when the kernel is locked down 2019-08-19 21:54:16 -07:00
sound sound fixes for 5.2 2019-07-05 02:03:50 +09:00
tools KVM: nVMX: Change KVM_STATE_NESTED_EVMCS to signal vmcs12 is copied from eVMCS 2019-07-02 19:02:45 +02:00
usr user/Makefile: Fix typo and capitalization in comment section 2018-12-11 00:18:03 +09:00
virt SPDX update for 5.2-rc6 2019-06-21 09:58:42 -07:00
.clang-format Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-04-17 11:26:25 -07:00
.cocciconfig
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes
.gitignore .gitignore: exclude .get_maintainer.ignore and .gitattributes 2019-05-18 11:49:54 +09:00
.mailmap MAINTAINERS: Update my email address 2019-06-18 14:37:27 +01:00
COPYING COPYING: use the new text with points to the license files 2018-03-23 12:41:45 -06:00
CREDITS MAINTAINERS: Farewell Martin Schwidefsky 2019-05-31 10:14:11 +02:00
Kbuild Kbuild updates for v5.1 2019-03-10 17:48:21 -07:00
Kconfig kconfig: move the "Executable file formats" menu to fs/Kconfig.binfmt 2018-08-02 08:06:55 +09:00
MAINTAINERS A few more MIPS fixes: 2019-07-06 10:32:12 -07:00
Makefile Linux 5.2 2019-07-07 15:41:56 -07:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.