MIRRORS/linux-yocto
1
0
Fork 0
mirror of git://git.yoctoproject.org/linux-yocto.git synced 2025-10-22 15:03:53 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,000,919 Commits 589 Branches 4,509 Tags 4.3 GiB
C 97.5%
Assembly 1%
Shell 0.6%
Python 0.3%
Makefile 0.3%
Other 0.1%
27d0ed38e1
Go to file
Peter Oberparleiter 27d0ed38e1 s390/hypfs: Enable limited access during lockdown 
[ Upstream commit 3868f910440c47cd5d158776be4ba4e2186beda7 ]

When kernel lockdown is active, debugfs_locked_down() blocks access to
hypfs files that register ioctl callbacks, even if the ioctl interface
is not required for a function. This unnecessarily breaks userspace
tools that only rely on read operations.

Resolve this by registering a minimal set of file operations during
lockdown, avoiding ioctl registration and preserving access for affected
tooling.

Note that this change restores hypfs functionality when lockdown is
active from early boot (e.g. via lockdown=integrity kernel parameter),
but does not apply to scenarios where lockdown is enabled dynamically
while Linux is running.

Tested-by: Mete Durlu <meted@linux.ibm.com>
Reviewed-by: Vasily Gorbik <gor@linux.ibm.com>
Fixes: 5496197f9b ("debugfs: Restrict debugfs when the kernel is locked down")
Signed-off-by: Peter Oberparleiter <oberpar@linux.ibm.com>
Signed-off-by: Alexander Gordeev <agordeev@linux.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2025-08-28 16:22:59 +02:00
arch s390/hypfs: Enable limited access during lockdown 2025-08-28 16:22:59 +02:00
block block: don't call rq_qos_ops->done_bio if the bio isn't tracked 2025-08-28 16:22:54 +02:00
certs
crypto crypto: xts - Only add ecb if it is not already there 2025-06-27 11:04:01 +01:00
Documentation asm-generic: Add memory barrier dma_mb() 2025-08-28 16:22:57 +02:00
drivers ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc 2025-08-28 16:22:59 +02:00
fs f2fs: fix to avoid out-of-boundary access in dnode page 2025-08-28 16:22:57 +02:00
include mm/page_alloc: detect allocation forbidden by cpuset and bail out early 2025-08-28 16:22:58 +02:00
init bpf: Clean up sockmap related Kconfigs 2025-06-27 11:04:09 +01:00
io_uring io_uring: fix possible deadlock in io_register_iowq_max_workers() 2024-11-17 14:59:39 +01:00
ipc ipc: fix to protect IPCS lookups using RCU 2025-06-27 11:04:14 +01:00
kernel cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key 2025-08-28 16:22:58 +02:00
lib lib: test_objagg: Set error message in check_expect_hints_stats() 2025-07-17 18:27:47 +02:00
LICENSES
mm mm/page_alloc: detect allocation forbidden by cpuset and bail out early 2025-08-28 16:22:58 +02:00
net net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate 2025-08-28 16:22:59 +02:00
samples samples: mei: Fix building on musl libc 2025-08-28 16:22:32 +02:00
scripts kconfig: lxdialog: fix 'space' to (de)select options 2025-08-28 16:22:47 +02:00
security securityfs: don't pin dentries twice, once is enough... 2025-08-28 16:22:40 +02:00
sound ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation 2025-08-28 16:22:59 +02:00
tools selftests: mptcp: pm: check flush doesn't reset limits 2025-08-28 16:22:58 +02:00
usr kbuild: hdrcheck: fix cross build with clang 2025-06-27 11:04:11 +01:00
virt KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() 2024-10-22 15:39:24 +02:00
.clang-format
.cocciconfig
.get_maintainer.ignore
.gitattributes
.gitignore Remove *.orig pattern from .gitignore 2024-10-17 15:07:59 +02:00
.mailmap
COPYING
CREDITS
Kbuild
Kconfig
MAINTAINERS platform: Add Surface platform directory 2025-06-27 11:04:19 +01:00
Makefile kbuild: userprogs: use correct linker when mixing clang and GNU ld 2025-08-28 16:22:52 +02:00
README

README

Linux kernel

There are several guides for kernel developers and users. These guides can be rendered in a number of formats, like HTML and PDF. Please read Documentation/admin-guide/README.rst first.

In order to build the documentation, use make htmldocs or make pdfdocs. The formatted documentation can also be read online at:

https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory, several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the requirements for building and running the kernel, and information about the problems which may result by upgrading your kernel.