This is the mail archive of the
systemtap@sourceware.org
mailing list for the systemtap project.
[Bug translator/25579] New: detect kernel lockdown/secureboot in effect
- From: "fche at redhat dot com" <sourceware-bugzilla at sourceware dot org>
- To: systemtap at sourceware dot org
- Date: Wed, 19 Feb 2020 20:21:37 +0000
- Subject: [Bug translator/25579] New: detect kernel lockdown/secureboot in effect
- Auto-submitted: auto-generated
https://sourceware.org/bugzilla/show_bug.cgi?id=25579
Bug ID: 25579
Summary: detect kernel lockdown/secureboot in effect
Product: systemtap
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: translator
Assignee: systemtap at sourceware dot org
Reporter: fche at redhat dot com
Target Milestone: ---
https://bugzilla.redhat.com/show_bug.cgi?id=1638874 indicates modern kernels
activate a lockdown mode for kernels running under secureboot-enforcing mode,
which may prevent normal stap modules from loading/running. Once the kernel
exposes this state to unprivileged stap, we'll need to adopt the translator to
invoke the secureboot-signing mode implicitly. This logic is in the
systemtap_session::modules_must_be_signed() function.
--
You are receiving this mail because:
You are the assignee for the bug.