Linus Torvalds announced that after years of reviews and code rewrites, he has approved a new security feature for the Linux kernel called “lockdown”. The feature ships as an LSM (Linux Security Module) with the upcoming Linux kernel 5.4 branch and is disabled by default.
It is turned off by default because enabling it risks breaking existing systems. With that said, here is everything there is to know about the new Linux security feature.
New “Lockdown” Feature
The feature is mainly intended to strengthen the boundary between userland processes and the kernel. It does this by preventing userland, including the root account, from modifying the running kernel or extracting sensitive data from it.
Once lockdown is enabled, certain kernel functionality is restricted even for the root user, which makes it harder for a compromised root account to tamper with the rest of the operating system. Note that lockdown does not turn root into an unprivileged user: it closes a specific set of paths (such as loading unsigned modules or writing to kernel memory) by which UID 0 could otherwise alter or inspect the kernel, and everything else root can do is unchanged.
“The lockdown module is intended to allow for kernels to be locked down early in the boot process,” stated Matthew Garrett, the Google engineer who first proposed the feature. “When enabled various pieces of kernel functionality are restricted,” added Linus Torvalds.
We also want to note that the “lockdown” feature has two modes, called “integrity” and “confidentiality”. Each mode restricts a different set of kernel features.
“If set to integrity, kernel features that allow userland to modify the running kernel are disabled. If set to confidentiality, kernel features that allow userland to extract confidential information from the kernel are also disabled,” added Linus Torvalds.
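As an added example (not code from the article, nor from the kernel project), the following POSIX shell script shows how a practitioner would check which of the two modes a running 5.4+ kernel is in and what that implies. It assumes securityfs is mounted at /sys/kernel/security, where the lockdown LSM exposes a file listing the three levels with the active one in brackets (for example `[none] integrity confidentiality`). The operation classes in the `lockdown_blocks` function are a simplified summary of the two modes as the article describes them, and the sample line near the end is constructed so the functions can be exercised on a machine without the LSM.

```shell
#!/bin/sh
# Added example: read and interpret the kernel lockdown state.
# Assumption: securityfs is mounted at /sys/kernel/security.
LOCKDOWN_FILE=/sys/kernel/security/lockdown

# The lockdown file lists every level with the active one in brackets, e.g.
#   [none] integrity confidentiality
# Pull the bracketed word out of such a line.
lockdown_mode_from_line() {
    printf '%s\n' "$1" | sed -n 's/.*\[\([a-z]*\)\].*/\1/p'
}

# Read the live state. A kernel without the lockdown LSM has no such file and
# is treated as "none", i.e. unlocked.
current_lockdown_mode() {
    if [ -r "$LOCKDOWN_FILE" ]; then
        lockdown_mode_from_line "$(cat "$LOCKDOWN_FILE")"
    else
        echo none
    fi
}

# Decide whether an operation class is blocked in a given mode.
#   modify: userland changing the running kernel (loading unsigned modules,
#           writing /dev/mem, kexec of unsigned images, raw MSR writes)
#   read:   userland extracting kernel memory (/proc/kcore, kprobes,
#           BPF programs that read kernel memory)
# Integrity blocks "modify"; confidentiality blocks "modify" and "read".
# Exit status 0 means blocked, 1 means permitted.
lockdown_blocks() {
    mode=$1
    op=$2
    case "$mode:$op" in
        integrity:modify|confidentiality:modify|confidentiality:read) return 0 ;;
        *) return 1 ;;
    esac
}

# Same decision as a word, convenient for reports and tests.
describe() {
    if lockdown_blocks "$1" "$2"; then
        echo blocked
    else
        echo permitted
    fi
}

# Constructed sample line standing in for a kernel booted with lockdown=integrity.
SAMPLE_LINE='none [integrity] confidentiality'

report() {
    mode=$1
    echo "lockdown mode: $mode"
    echo "  modify running kernel: $(describe "$mode" modify)"
    echo "  read kernel memory:    $(describe "$mode" read)"
}

echo "== constructed sample =="
report "$(lockdown_mode_from_line "$SAMPLE_LINE")"
echo "== this machine =="
report "$(current_lockdown_mode)"
```

The level can only be raised, never lowered, while the kernel runs: on a kernel built with the LSM you select it at boot with `lockdown=integrity` or `lockdown=confidentiality` on the command line (or force it in Kconfig via CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY / CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY), and writing a higher level name to the same securityfs file as root moves the system up to it. If the script reports "none" on a machine you expected to be locked down, check that CONFIG_SECURITY_LOCKDOWN_LSM is enabled and that "lockdown" appears in the active LSM list.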