init/main.c · 747875b6e1c7fb56f437621b239bd3ed84a3e85d · openeuler / Kernel

security: restrict init parameters by configuration · 747875b6

由 Xiangyu Lu 提交于 12月 22, 2020

euler inclusion
category: bugfix
bugzilla: 46850
CVE: NA

---------------------------------

Linux kernel allow to specify a single-user mode, or specify the init process by
init parameter, which could bypass the login authentication mechanisms, direct
access to root identify. Close init kernel boot parameters through
CONFIG_SECURITY_BOOT_INIT.
Signed-off-by: NXiangyu Lu <luxiangyu@huawei.com>
Reviewed-by: NWang Kai <morgan.wang@huawei.com>
Signed-off-by: NWeilong Chen <chenweilong@huawei.com>
[hj: backport from hulk-3.10 for security enhancement]
Signed-off-by: NHanjun Guo <hanjun.guo@linaro.org>
Signed-off-by: Ngaobo <gaobo794@huawei.com>
Reviewed-by: NJason Yan <yanaijie@huawei.com>
Signed-off-by: Nzhangyi (F) <yi.zhang@huawei.com>
Acked-by: NXie XiuQi <xiexiuqi@huawei.com>
Signed-off-by: NChen Jun <chenjun102@huawei.com>

747875b6

main.c 37.3 KB

openeuler / Kernel 1 年多 前同步成功

Replace main.c

openeuler / Kernel
1 年多前同步成功