
Re: [PATCH v2 2/3] Add lockdown mode



On 20.05.2025 13:57, Kevin Lampis wrote:
> From: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>
> 
> The intention of lockdown mode is to prevent attacks from a rogue dom0
> userspace from compromising the system. Lockdown mode can be controlled by a
> Kconfig option and a command-line parameter. It is also enabled automatically
> when Secure Boot is enabled and it cannot be disabled in that case.
> 
> If enabled from the command-line then it is required to be first in the
> list otherwise Xen may process some insecure parameters before reaching
> the lockdown parameter.
> 
> Signed-off-by: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>
> Signed-off-by: Kevin Lampis <kevin.lampis@xxxxxxxxx>
> ---
> Changes in v2:
> - Remove custom command line parsing
> - Print warning if lockdown is not first on command line

No comments on the patch itself (yet), just a formal remark: I was puzzled
by having only v2 2/3 and 3/3 in my inbox. Looks like you sent each as a
reply on the v1 sub-threads. Very occasionally for a larger series it may
be okay to send just a single update that way. Here, however, please re-
send as a full, standalone v2 series.

Jan



 

