LinuxLists.cc - [PATCH] kernel_lockdown.7: Remove description of lifting via SysRq (not upstream)

2021-05-26 19:26:33

Subject: [PATCH] kernel_lockdown.7: Remove description of lifting via SysRq (not upstream)

The patch that implemented lockdown lifting via SysRq ended up getting
dropped[*] before the feature was merged upstream. Having the feature
documented but unsupported has caused some confusion for our users.

[*] http://archive.lwn.net:8080/linux-kernel/CACdnJuuxAM06TcnczOA6NwxhnmQUeqqm3Ma8btukZpuCS+dOqg@mail.gmail.com/

Signed-off-by: dann frazier <[email protected]>
---
man7/kernel_lockdown.7 | 6 ------
1 file changed, 6 deletions(-)

diff --git a/man7/kernel_lockdown.7 b/man7/kernel_lockdown.7
index 30863de62..29ffd55c3 100644
--- a/man7/kernel_lockdown.7
+++ b/man7/kernel_lockdown.7
@@ -33,12 +33,6 @@ where X indicates the process name and Y indicates what is restricted.
.PP
On an EFI-enabled x86 or arm64 machine, lockdown will be automatically enabled
if the system boots in EFI Secure Boot mode.
-.PP
-If the kernel is appropriately configured, lockdown may be lifted by typing
-the appropriate sequence on a directly attached physical keyboard.
-For x86 machines, this is
-.IR SysRq+x .
-.\"
.SS Coverage
When lockdown is in effect, a number of features are disabled or have their
use restricted.
--
2.31.1

2021-05-27 07:39:50

by Alejandro Colomar

[permalink] [raw]

Subject: Re: [PATCH] kernel_lockdown.7: Remove description of lifting via SysRq (not upstream)

Hello Dann,

On 5/26/21 7:34 PM, dann frazier wrote:
> The patch that implemented lockdown lifting via SysRq ended up getting
> dropped[*] before the feature was merged upstream. Having the feature
> documented but unsupported has caused some confusion for our users.
>
> [*] http://archive.lwn.net:8080/linux-kernel/CACdnJuuxAM06TcnczOA6NwxhnmQUeqqm3Ma8btukZpuCS+dOqg@mail.gmail.com/
>
> Signed-off-by: dann frazier <[email protected]>

Patch applied.

Thanks,

Alex

> ---
> man7/kernel_lockdown.7 | 6 ------
> 1 file changed, 6 deletions(-)
>
> diff --git a/man7/kernel_lockdown.7 b/man7/kernel_lockdown.7
> index 30863de62..29ffd55c3 100644
> --- a/man7/kernel_lockdown.7
> +++ b/man7/kernel_lockdown.7
> @@ -33,12 +33,6 @@ where X indicates the process name and Y indicates what is restricted.
> .PP
> On an EFI-enabled x86 or arm64 machine, lockdown will be automatically enabled
> if the system boots in EFI Secure Boot mode.
> -.PP
> -If the kernel is appropriately configured, lockdown may be lifted by typing
> -the appropriate sequence on a directly attached physical keyboard.
> -For x86 machines, this is
> -.IR SysRq+x .
> -.\"
> .SS Coverage
> When lockdown is in effect, a number of features are disabled or have their
> use restricted.
>

--
Alejandro Colomar
Linux man-pages comaintainer; https://www.kernel.org/doc/man-pages/
http://www.alejandro-colomar.es/