Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Lockdown: pmdakvm: debugfs access is restricted #1130

Closed
tvanderka opened this issue Oct 28, 2020 · 1 comment
Closed

Lockdown: pmdakvm: debugfs access is restricted #1130

tvanderka opened this issue Oct 28, 2020 · 1 comment

Comments

@tvanderka
Copy link

Repeated kernel log spam with "Lockdown: pmdakvm: debugfs access is restricted", in version 5.2.1 on Fedora 33

Commit 1402649 was supposed to fix this but there's a typo:

strncmp(p, CONFIDENTIALITY, CONFIDENTIALITY_LEN) != 0
should probably be
strncmp(p, CONFIDENTIALITY, CONFIDENTIALITY_LEN) == 0
@natoscott
Copy link
Member

@tvanderka thanks, I think I finally understand what's happened here. Your strncmp note is correct but only part of the issue - I couldn't figure out how regression test qa/348 was passing, since it (correctly) exercises the KVM metrics in each lockdown mode. It turns out way the test overrides the lockdown procfs file path (via kvm config file) avoids the root cause here - which is an ordering issue on setting up the path. Without the config file, the path is not set correctly, so we don't end up detecting any of the modes correctly in normal operation.

Fix and updates to the test will follow shortly - thanks for sending through the issue!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@natoscott @tvanderka