Re: [PATCH security-next v4 21/32] LSM: Finalize centralized LSM enabling logic
From: Kees Cook <hidden>
Date: 2018-10-02 04:49:45
Also in:
linux-arch, linux-security-module, lkml
On Mon, Oct 1, 2018 at 6:18 PM, Randy Dunlap [off-list ref] wrote:
On 10/1/18 5:54 PM, Kees Cook wrote:quoted
Prior to this patch, default "enable" behavior was unchanged: SELinux and AppArmor were controlled separately from the centralized control defined by CONFIG_LSM_ENABLE and "lsm.enable=...". This changes the logic to give all control over to the central logic. Instead of allowing SELinux and AppArmor to override the central LSM enabling logic, by having separate CONFIG and boot parameters, this forces all "enable" variables to disabled, then enables any listed in the CONFIG_LSM_ENABLE and "lsm.enable=..." settings, and finally disables any listed in "lsm.disable=...". Signed-off-by: Kees Cook <redacted> --- .../admin-guide/kernel-parameters.txt | 6 ++-- include/linux/lsm_hooks.h | 2 +- security/security.c | 32 +++++++------------ 3 files changed, 15 insertions(+), 25 deletions(-)diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 67c90985d2b8..f646cfab5613 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt@@ -2279,14 +2279,12 @@ lsm.disable=lsm1,...,lsmN [SECURITY] Comma-separated list of LSMs to disable at boot time. This overrides "lsm.enable=",better: This overrides "lsm.enable=" and
Eek, yes! Thank you. :) -Kees
quoted
- CONFIG_LSM_ENABLE, and any per-LSM CONFIGs and boot - parameters. + CONFIG_LSM_ENABLE. lsm.enable=lsm1,...,lsmN [SECURITY] Comma-separated list of LSMs to enable at boot time. This overrides any omissions from - CONFIG_LSM_ENABLE, and any per-LSM CONFIGs and - boot parameters. + CONFIG_LSM_ENABLE. machvec= [IA-64] Force the use of a particular machine-vector (machvec) in a generic kernel.-- ~Randy
-- Kees Cook Pixel Security