diff options
author | Matthew Garrett <matthewgarrett@google.com> | 2019-08-20 02:18:05 +0200 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2019-08-20 06:54:17 +0200 |
commit | b602614a81078bf29c82b2671bb96a63488f68d6 (patch) | |
tree | eb83d8f6461eeff1bd51eda39267ab0f523bd5f8 /fs/proc | |
parent | efi: Restrict efivar_ssdt_load when the kernel is locked down (diff) | |
download | linux-b602614a81078bf29c82b2671bb96a63488f68d6.tar.xz linux-b602614a81078bf29c82b2671bb96a63488f68d6.zip |
lockdown: Print current->comm in restriction messages
Print the content of current->comm in messages generated by lockdown to
indicate a restriction that was hit. This makes it a bit easier to find
out what caused the message.
The message now patterned something like:
Lockdown: <comm>: <what> is restricted; see man kernel_lockdown.7
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Matthew Garrett <mjg59@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'fs/proc')
-rw-r--r-- | fs/proc/kcore.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/fs/proc/kcore.c b/fs/proc/kcore.c index ee2c576cc94e..e2ed8e08cc7a 100644 --- a/fs/proc/kcore.c +++ b/fs/proc/kcore.c @@ -548,11 +548,12 @@ static int open_kcore(struct inode *inode, struct file *filp) { int ret = security_locked_down(LOCKDOWN_KCORE); - if (ret) - return ret; if (!capable(CAP_SYS_RAWIO)) return -EPERM; + if (ret) + return ret; + filp->private_data = kmalloc(PAGE_SIZE, GFP_KERNEL); if (!filp->private_data) return -ENOMEM; |