Preventing kernel modifications to expand upon the work done for kernel lockdown. Add additional layers to system security.
Kernel_lockdown:
prevent both direct and indirect access to a running kernel image, attempting to protect against unauthorized modification of the kernel image and to prevent access to security and cryptographic data located in kernel memory, […]
From the mailing list I’m reading that kernel maintainers have heard a few companies looking for something like this, so yes?
Edit:
However, to be clear, the Hornet LSM proposed here seems very reasonable to me and I would have no conceptual objections to merging it upstream. Based on off-list discussions I believe there is a lot of demand for something like this, and I believe many people will be happy to have BPF signature verification in-tree.
Use-case?
Preventing kernel modifications to expand upon the work done for kernel lockdown. Add additional layers to system security.
Kernel_lockdown:
Is anyone having security issues without this patch?
From the mailing list I’m reading that kernel maintainers have heard a few companies looking for something like this, so yes?
Edit: