Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Lockdown in Kernel 5.4 for Alpha #91

Closed
dongsupark opened this issue Apr 23, 2020 · 2 comments
Closed

Lockdown in Kernel 5.4 for Alpha #91

dongsupark opened this issue Apr 23, 2020 · 2 comments
Labels
channel/edge Issues concerning the EDGE channel of Flatcar Container Linux. kind/feature A feature request

Comments

@dongsupark
Copy link
Member

Current situation
Lockdown is available since mainline Kernel 5.4. So it is possible to turn on lockdown without having to add third-party patches. We should first decide when we start turning on the lockdown kernel config.

Impact
Since some distros had enabled lockdown in Kernel, there were bug reports around eBPF. See iovisor/bcc#2565.
So we should carefully investigate how we can avoid such breakages.
@dongsupark dongsupark added channel/edge Issues concerning the EDGE channel of Flatcar Container Linux. channel/alpha Issue concerns the Alpha channel. kind/feature A feature request labels Apr 23, 2020
@t-lo t-lo mentioned this issue Apr 23, 2020
Closed
@dongsupark
Copy link
Member Author

Lockdown is available in kernel config since Alpha 2632.0.0.

@dongsupark dongsupark removed the channel/alpha Issue concerns the Alpha channel. label Oct 20, 2020
@dongsupark
Copy link
Member Author

Looks like it was already done a long time ago.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
channel/edge Issues concerning the EDGE channel of Flatcar Container Linux. kind/feature A feature request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dongsupark