Thread (45 messages) 45 messages, 4 authors, 2018-09-21

[PATCH security-next v2 20/26] LSM: Introduce "lsm.order=" for boottime ordering

From: Kees Cook <hidden>
Date: 2018-09-21 00:40:07
Also in: linux-arch, linux-doc, lkml 

On Thu, Sep 20, 2018 at 5:12 PM, Casey Schaufler [off-list ref] wrote:
On 9/20/2018 9:23 AM, Kees Cook wrote:
quoted
Provide a way to reorder LSM initialization using the new "lsm.order="
comma-separated list of LSMs. Any LSMs not listed will be added in builtin
order.

Signed-off-by: Kees Cook <redacted>
---
 Documentation/admin-guide/kernel-parameters.txt |  5 +++++
 security/security.c                             | 15 ++++++++++++++-
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index 32d323ee9218..5ac4c1056ffa 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -2276,6 +2276,11 @@

      lsm.debug       [SECURITY] Enable LSM initialization debugging output.

+     lsm.order=lsm1,...,lsmN
+                     [SECURITY] Choose order of LSM initialization. Any
+                     builtin LSMs not listed here will be implicitly
+                     added to the list in builtin order.
Added at the end of the list, or beginning of the list?
Whoops, I had an earlier version that was more clear. I meant to say
"appended" instead of "added" here. Fixed for the next version.

-Kees

-- 
Kees Cook
Pixel Security
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help