doc: ReSTify LoadPin.txt

Adjusts for ReST markup and moves under LSM admin guide.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Kees Cook
2017-05-13 04:51:48 -07:00
committed by Jonathan Corbet
parent 90bb766440
commit 30da4f77aa
3 changed files with 10 additions and 4 deletions


@@ -1,3 +1,7 @@
=======
LoadPin
=======
LoadPin is a Linux Security Module that ensures all kernel-loaded files LoadPin is a Linux Security Module that ensures all kernel-loaded files
(modules, firmware, etc) all originate from the same filesystem, with (modules, firmware, etc) all originate from the same filesystem, with
the expectation that such a filesystem is backed by a read-only device the expectation that such a filesystem is backed by a read-only device
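Review bot: the opening sentence kept in this hunk's context reads "ensures all kernel-loaded files (modules, firmware, etc) all originate from the same filesystem", with "all" twice; since the paragraph is being converted anyway, drop the second "all" so it reads "ensures all kernel-loaded files (modules, firmware, etc) originate from the same filesystem".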
@@ -5,13 +9,13 @@ such as dm-verity or CDROM. This allows systems that have a verified
and/or unchangeable filesystem to enforce module and firmware loading and/or unchangeable filesystem to enforce module and firmware loading
restrictions without needing to sign the files individually. restrictions without needing to sign the files individually.
The LSM is selectable at build-time with CONFIG_SECURITY_LOADPIN, and The LSM is selectable at build-time with ``CONFIG_SECURITY_LOADPIN``, and
can be controlled at boot-time with the kernel command line option can be controlled at boot-time with the kernel command line option
"loadpin.enabled". By default, it is enabled, but can be disabled at "``loadpin.enabled``". By default, it is enabled, but can be disabled at
boot ("loadpin.enabled=0"). boot ("``loadpin.enabled=0``").
LoadPin starts pinning when it sees the first file loaded. If the LoadPin starts pinning when it sees the first file loaded. If the
block device backing the filesystem is not read-only, a sysctl is block device backing the filesystem is not read-only, a sysctl is
created to toggle pinning: /proc/sys/kernel/loadpin/enabled. (Having created to toggle pinning: ``/proc/sys/kernel/loadpin/enabled``. (Having
a mutable filesystem means pinning is mutable too, but having the a mutable filesystem means pinning is mutable too, but having the
sysctl allows for easy testing on systems with a mutable filesystem.) sysctl allows for easy testing on systems with a mutable filesystem.)
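Review bot: the converted lines wrap the option names in double-backtick literals but keep the surrounding quotation marks, giving "``loadpin.enabled``" and boot ("``loadpin.enabled=0``"); in ReST the literal markup already sets the token apart, so the quotes are redundant and render as stray punctuation. Suggest ``loadpin.enabled`` and (``loadpin.enabled=0``) without the quotes, matching how ``CONFIG_SECURITY_LOADPIN`` and ``/proc/sys/kernel/loadpin/enabled`` are marked up in the same hunk.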


@@ -34,6 +34,7 @@ the one "major" module (e.g. SELinux) if there is one configured.
:maxdepth: 1 :maxdepth: 1
apparmor apparmor
LoadPin
SELinux SELinux
tomoyo tomoyo
Yama Yama
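Review bot: the toctree entry "LoadPin" is placed between "apparmor" and "SELinux", which keeps the list in case-insensitive alphabetical order (apparmor, LoadPin, SELinux, tomoyo, Yama); since toctree entries are filenames, the name must match the new file exactly, and it does match the Documentation/admin-guide/LSM/LoadPin.rst path added to MAINTAINERS in this same commit, so no change needed here.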


@@ -11567,6 +11567,7 @@ M: Kees Cook <keescook@chromium.org>
T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git lsm/loadpin T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git lsm/loadpin
S: Supported S: Supported
F: security/loadpin/ F: security/loadpin/
F: Documentation/admin-guide/LSM/LoadPin.rst
YAMA SECURITY MODULE YAMA SECURITY MODULE
M: Kees Cook <keescook@chromium.org> M: Kees Cook <keescook@chromium.org>
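Review bot: the new "F: Documentation/admin-guide/LSM/LoadPin.rst" line is appended after "F: security/loadpin/", but F: patterns within a MAINTAINERS section are conventionally kept in alphabetical order, so the Documentation/ entry should come first. Suggest moving it above the security/loadpin/ line; nothing else in the section needs to change, since no F: entry for the old LoadPin.txt location existed to remove.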