After years of discussion and code re-writing, Linus Torvalds approved Saturday a new security feature for the Linux kernel, called "lockdown".
The new feature will come as an LSM (Linux Security Module) to Kernel which will be released soon and will be disabled by default. Its use will be optional because there is a risk that it will overwhelm existing systems.
The main function of the new feature will be to bridge the gap between the user processes and the core code, even preventing the root account from interact with the Kernel code, something that could have happened to date.
When enabled, the 'lock' feature will limit some core functionality, even for the root user, making it more difficult for attackers who have acquired root privileges to compromise the rest of the operating system.
"The lockdown is designed to allow kernels to be locked early in the boot process," said Matthew Garrett, a Google engineer who proposed the feature years ago.
"When enabled, various kernel functionalities will be limited," Linus Torvalds said.
This includes restricting access to kernel functions that can allow the execution of arbitrary code provided by user processes:
Capture processes from writing or reading / dev / mem and / dev / kmem memory.
Block access to / dev / port.
Implement kernel module signatures and much more listed here.
The new module will support two modes of locking, described in the description as "integrity" and "confidentiality".
Each mode is unique and will limit access to different kernel functions.
"If set to integrity, the kernel capabilities that allow the user to modify the current kernel will be disabled," Torvalds said.
"If set to confidentiality, the kernel capabilities that allow the user to extract confidential information from the kernel will also be disabled."
Discussions about kernel lockdown started at the beginning of the 2010 by Google engineer Matthew Garrett.
The idea behind this feature was to create a security mechanism that would prevent users from having increased permissions (even the "root" account) so that they would not be able to violate the kernel code.
Back then, although Linux systems used secure boot mechanisms, there were ways in which malware could abuse drivers, root accounts, and user accounts with particularly increased privileges to violate kernel code.
Many security experts have been calling for the blocking of the kernel in recent years, but Torvalds did not particularly agree in the early days.
As a result, many Linux distributions, such as Red Hat, have developed their own Linux Kernel that contained the lock feature. But this year we will see the new feature in all distributions!