Linus Torvalds approved ‘lockdown’ feature in Linux kernel

After years of evaluation, discussion, and rewriting, Linus Torvalds approved the kernel lockdown feature. The new feature, an LSM (Linux Security Module), will be available to users with Linux kernel 5.4. It will restrict user-space access to, or modification of, the kernel, and impose additional restrictions on root's ability to modify the running kernel, to prevent a compromised root account from jeopardizing the rest of the system. The LSM will initially be turned off by default, and users can choose to enable it, because it may break existing systems.

Other changes in kernel 5.4 include: the ARM64 architecture will be able to use 52-bit addresses; Intel's MPX functionality is removed; support for the SGI SN2 architecture is removed; a “haltpoll” CPU idle governor is added; the Lenovo ThinkPad “PrivacyGuard” functionality is supported, etc.

Via: ZDNet