+1

Documentation/admin-guide/LSM/index.rst

reviewed

··· 34 34 :maxdepth: 1 35 35 36 36 apparmor 37 37 + LoadPin 37 38 SELinux 38 39 tomoyo 39 40 Yama

+8 -4

Documentation/security/LoadPin.txt Documentation/admin-guide/LSM/LoadPin.rst

reviewed

··· 1 1 + ======= 2 2 + LoadPin 3 3 + ======= 4 4 + 1 5 LoadPin is a Linux Security Module that ensures all kernel-loaded files 2 6 (modules, firmware, etc) all originate from the same filesystem, with 3 7 the expectation that such a filesystem is backed by a read-only device ··· 9 5 and/or unchangeable filesystem to enforce module and firmware loading 10 6 restrictions without needing to sign the files individually. 11 7 12 12 - The LSM is selectable at build-time with CONFIG_SECURITY_LOADPIN, and 8 8 + The LSM is selectable at build-time with ``CONFIG_SECURITY_LOADPIN``, and 13 9 can be controlled at boot-time with the kernel command line option 14 14 - "loadpin.enabled". By default, it is enabled, but can be disabled at 15 15 - boot ("loadpin.enabled=0"). 10 10 + "``loadpin.enabled``". By default, it is enabled, but can be disabled at 11 11 + boot ("``loadpin.enabled=0``"). 16 12 17 13 LoadPin starts pinning when it sees the first file loaded. If the 18 14 block device backing the filesystem is not read-only, a sysctl is 19 19 - created to toggle pinning: /proc/sys/kernel/loadpin/enabled. (Having 15 15 + created to toggle pinning: ``/proc/sys/kernel/loadpin/enabled``. (Having 20 16 a mutable filesystem means pinning is mutable too, but having the 21 17 sysctl allows for easy testing on systems with a mutable filesystem.)

+1

MAINTAINERS

reviewed

··· 11567 11567 T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git lsm/loadpin 11568 11568 S: Supported 11569 11569 F: security/loadpin/ 11570 11570 + F: Documentation/admin-guide/LSM/LoadPin.rst 11570 11571 11571 11572 YAMA SECURITY MODULE 11572 11573 M: Kees Cook <keescook@chromium.org>