efi: Restrict efivar_ssdt_load when the kernel is locked down - blaster4385/linux-IllusionX - Linux kernel with personal config changes for arch linux

diff options

author	Matthew Garrett <[email protected]>	2019-08-19 17:18:04 -0700
committer	James Morris <[email protected]>	2019-08-19 21:54:17 -0700
commit	1957a85b0032a81e6482ca4aab883643b8dae06e (patch)
tree	5adf9fd932190f269677c6a29090ebbec6569a6a /tools/perf/scripts/python/Perf-Trace-Util/lib
parent	ccbd54ff54e8b1880456b81c4aea352ebe208843 (diff)

efi: Restrict efivar_ssdt_load when the kernel is locked down

efivar_ssdt_load allows the kernel to import arbitrary ACPI code from an EFI variable, which gives arbitrary code execution in ring 0. Prevent that when the kernel is locked down. Signed-off-by: Matthew Garrett <[email protected]> Acked-by: Ard Biesheuvel <[email protected]> Reviewed-by: Kees Cook <[email protected]> Cc: Ard Biesheuvel <[email protected]> Cc: [email protected] Signed-off-by: James Morris <[email protected]>

Diffstat (limited to 'tools/perf/scripts/python/Perf-Trace-Util/lib')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: