Thread (92 messages) 92 messages, 7 authors, 2018-10-08

Re: [PATCH security-next v4 10/32] LSM: Don't ignore initialization failures

From: Kees Cook <hidden>
Date: 2018-10-02 21:38:14
Also in: linux-arch, linux-doc, lkml

On Tue, Oct 2, 2018 at 2:20 PM, James Morris [off-list ref] wrote:
On Mon, 1 Oct 2018, Kees Cook wrote:
quoted
LSM initialization failures have traditionally been ignored. We should
at least WARN when something goes wrong.
I guess we could have a boot param which specifies what to do if any LSM
fails to init, as I think some folks will want to stop execution at that
point.

Thoughts?
I'm not opposed, but I won't author it because Linus will yell at me
about introducing a "machine killing" option.

-Kees

-- 
Kees Cook
Pixel Security
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help