Optional 'lockdown' security feature approved for Linux Kernel 5.4
The new feature will prevent high-privileged accounts from interfering with kernel code
Linus Torvalds has finally decided to allow a "lockdown" security feature in the Linux kernel, which will prevent high-privileged accounts from interfering with kernel code.
The optional feature will ship as a Linux Security Module (LSM) in the upcoming Linux kernel 5.4. Its primary function is to harden the boundary between kernel code and userland processes by preventing even root accounts from reaching certain kernel functionality. That way, the operating system stays protected from tampering even after a root account has been compromised.
The restrictions imposed by the "lockdown" feature include: limiting access to features that could let userland processes execute arbitrary code in the kernel; preventing system hibernation; blocking read and write access to /dev/mem and /dev/kmem; blocking the opening of /dev/port; blocking CPU MSR access; and many other restrictions that tighten security.
The lockdown feature will be disabled by default. When enabled, it will support two unique modes, namely "confidentiality" and "integrity".
The "confidentiality" mode prevents users from obtaining confidential details from the kernel. Setting lockdown to "integrity" restricts the kernel features that allow user space to alter the running kernel. If required, users can add extra lockdown modes with an external patch.
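The two modes above are cumulative, and on a live host a defender wants to know which one is actually in force and whether it matches what was requested at boot. The following is an added example, not code from the article or the kernel project; it assumes two interfaces the article does not mention (the securityfs `lockdown` status file and the `lockdown=` boot parameter) and constructs its sample input inline.

```python
# Added example, not code from the article or the kernel project. Assumed interfaces (not in the
# article): on 5.4+ kernels with the lockdown LSM, /sys/kernel/security/lockdown reads e.g.
# "none [integrity] confidentiality" (brackets = active mode); lockdown=<mode> on the command line selects it at boot.
import re

MODES = ("none", "integrity", "confidentiality")  # ordered: each mode also enforces the ones before it

# Restriction classes the article lists, keyed by the weakest mode enforcing them. The grouping
# is an assumption from the LSM's split: integrity blocks altering the running kernel,
# confidentiality additionally blocks reading confidential data out of it.
RESTRICTIONS = {
    "integrity": ["executing arbitrary code supplied by userland processes",
                  "system hibernation", "read/write access to /dev/mem and /dev/kmem",
                  "opening /dev/port", "CPU MSR access"],
    "confidentiality": ["obtaining confidential details from the kernel"],
}

def parse_lockdown_status(text):
    """Return the active mode from the securityfs file contents ('[none] integrity ...')."""
    active = [t[1:-1] for t in text.split() if t.startswith("[") and t.endswith("]")]
    if len(active) != 1 or active[0] not in MODES:
        raise ValueError(f"unexpected lockdown status: {text!r}")
    return active[0]

def parse_cmdline_lockdown(cmdline):
    """Return the mode requested with lockdown=... on the kernel command line, else None."""
    m = re.search(r"(?:^|\s)lockdown=(\w+)", cmdline)
    return m.group(1) if m and m.group(1) in MODES else None

def active_restrictions(mode):
    """Modes are cumulative: confidentiality enforces the integrity restrictions too."""
    return [r for m in MODES[1:MODES.index(mode) + 1] for r in RESTRICTIONS[m]]

def audit(status_text, cmdline):
    """Compare the boot-requested mode with the running one; status_text=None means no file."""
    active = parse_lockdown_status(status_text) if status_text is not None else None
    requested, findings = parse_cmdline_lockdown(cmdline), []
    if active is None:
        findings.append("lockdown LSM not available (securityfs file missing)")
    elif active == "none":
        findings.append("lockdown disabled: a compromised root account can alter the kernel")
    if requested and active != requested:
        findings.append(f"boot requested {requested!r} but running mode is {active!r}")
    return {"active": active, "requested": requested, "findings": findings,
            "restrictions": active_restrictions(active) if active else []}

if __name__ == "__main__":  # constructed sample inputs standing in for the two files on a host
    report = audit("none [integrity] confidentiality", "BOOT_IMAGE=/vmlinuz ro lockdown=confidentiality")
    for key, value in report.items():
        print(f"{key}: {value}")
```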
"The lockdown module is intended to allow for kernels to be locked down early in [the] boot [process]," said Google engineer Matthew Garrett, who first proposed the feature in 2010.
Many experts, however, didn't like the idea. One of them was Linux creator Linus Torvalds, who was among the strongest critics of such a feature, especially in its early days.
Because of Torvalds' dislike of the "lockdown" feature, many Linux distros, including Red Hat, developed their own kernel patches that added a lockdown feature on top of the mainline kernel.
In 2018, both parties reached a consensus, enabling work on the lockdown feature to start earlier this year.
In recent months, Torvalds organised several reviews and discussions to ensure that the new feature doesn't adversely affect kernel functionality.