Linux 4.7 To Gain New Security Feature Ported From Chrome OS

Written by Michael Larabel in Linux Kernel on 19 May 2016 at 08:19 AM EDT. 4 Comments
James Morris has made known the security subsystem updates intended for the Linux 4.7 kernel and it includes one addition worth mentioning.

Linux 4.7 is set to get the "LoadPin" Linux Security Module (LSM). LoadPin is ported from Chrome OS and allows limiting the medium/location where any kernel modules and firmware can be loaded. In other words, ensuring any modules, firmware, or other assets touching the kernel are only loaded from a trusted source.

Kees Cook who has been working to bring this to the mainline Linux kernel explained of LoadPin LSM, "this provides the mini-LSM 'loadpin' that intercepts the now consolidated kernel_file_read LSM hook so that a system can keep all loads coming from a single trusted filesystem. This is what Chrome OS uses to pin kernel module and firmware loading to the read-only crypto-verified dm-verity partition so that kernel module signing is not needed."

As an alternative to dm-verity, the LoadPin LSM could even specify that kernel modules/firmware only be loaded from say a CD/DVD-ROM. Though even if the kernel is built with CONFIG_SECURITY_LOADPIN, it still can be defeated by setting loadpin.enabled=0 at boot-time.

The 4.7 security subsystem pull request can be viewed via the kernel mailing list.
Related News
About The Author
Author picture

Michael Larabel is the principal author of and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via

Popular News This Week