On Thu 2013-08-22 19:01:47, Lee, Chun-Yi wrote: > From: Matthew Garrett <mjg@xxxxxxxxxx> > > Secure boot adds certain policy requirements, including that root must not > be able to do anything that could cause the kernel to execute arbitrary code. > The simplest way to handle this would seem to be to add a new capability > and gate various functionality on that. We'll then strip it from the initial > capability set if required. There was some discussion about this before, right? And I don't think conclusion was it was acceptable...? > Signed-off-by: Matthew Garrett <mjg@xxxxxxxxxx> > Acked-by: Lee, Chun-Yi <jlee@xxxxxxxx> > Signed-off-by: Lee, Chun-Yi <jlee@xxxxxxxx> > --- > include/uapi/linux/capability.h | 6 +++++- > 1 files changed, 5 insertions(+), 1 deletions(-) > > diff --git a/include/uapi/linux/capability.h b/include/uapi/linux/capability.h > index ba478fa..7109e65 100644 > --- a/include/uapi/linux/capability.h > +++ b/include/uapi/linux/capability.h > @@ -343,7 +343,11 @@ struct vfs_cap_data { > > #define CAP_BLOCK_SUSPEND 36 > > -#define CAP_LAST_CAP CAP_BLOCK_SUSPEND > +/* Allow things that trivially permit root to modify the running kernel */ > + > +#define CAP_COMPROMISE_KERNEL 37 > + > +#define CAP_LAST_CAP CAP_COMPROMISE_KERNEL > > #define cap_valid(x) ((x) >= 0 && (x) <= CAP_LAST_CAP) > -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html