mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/include
History
Ricardo Ribalda a42aaad2e4 kexec: introduce sysctl parameters kexec_load_limit_* 
kexec allows replacing the current kernel with a different one.  This is
usually a source of concerns for sysadmins that want to harden a system.

Linux already provides a way to disable loading new kexec kernel via
kexec_load_disabled, but that control is very coard, it is all or nothing
and does not make distinction between a panic kexec and a normal kexec.

This patch introduces new sysctl parameters, with finer tuning to specify
how many times a kexec kernel can be loaded.  The sysadmin can set
different limits for kexec panic and kexec reboot kernels.  The value can
be modified at runtime via sysctl, but only with a stricter value.

With these new parameters on place, a system with loadpin and verity
enabled, using the following kernel parameters:
sysctl.kexec_load_limit_reboot=0 sysct.kexec_load_limit_panic=1 can have a
good warranty that if initrd tries to load a panic kernel, a malitious
user will have small chances to replace that kernel with a different one,
even if they can trigger timeouts on the disk where the panic kernel
lives.

Link: https://lkml.kernel.org/r/20221114-disable-kexec-reset-v6-3-6a8531a09b9a@chromium.org
Signed-off-by: Ricardo Ribalda <ribalda@chromium.org>
Reviewed-by: Steven Rostedt (Google) <rostedt@goodmis.org>
Acked-by: Baoquan He <bhe@redhat.com>
Cc: Bagas Sanjaya <bagasdotme@gmail.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Guilherme G. Piccoli <gpiccoli@igalia.com> # Steam Deck
Cc: Joel Fernandes (Google) <joel@joelfernandes.org>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Philipp Rudo <prudo@redhat.com>
Cc: Ross Zwisler <zwisler@kernel.org>
Cc: Sergey Senozhatsky <senozhatsky@chromium.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
 		2023-02-02 22:50:05 -08:00
..
acpi ACPI: Fix selecting wrong ACPI fwnode for the iGPU on some Dell laptops 2023-01-10 20:23:48 +01:00
asm-generic docs: fault-injection: add requirements of error injectable functions 2023-02-02 22:50:00 -08:00
clocksource
crypto
drm Merge drm/drm-fixes into drm-misc-fixes 2023-01-03 08:32:12 +01:00
dt-bindings remoteproc updates for v6.2 2022-12-21 09:37:14 -08:00
keys
kunit
kvm
linux kexec: introduce sysctl parameters kexec_load_limit_* 2023-02-02 22:50:05 -08:00
math-emu
media
memory
misc
net rxrpc: Tidy up abort generation infrastructure 2023-01-06 09:43:32 +00:00
pcmcia
ras
rdma
rv
scsi Merge branch '6.2/scsi-queue' into 6.2/scsi-fixes 2022-12-30 16:29:34 +00:00
soc
sound
target
trace rxrpc: Move client call connection to the I/O thread 2023-01-06 09:43:33 +00:00
uapi arm64 fixes for -rc4 2023-01-13 07:11:45 -06:00
ufs
vdso
video
xen