[PATCH v5 13/38] selinux: Remove SECURITY_SELINUX_BOOTPARAM_VALUE

[PATCH v5 00/38] LSM: Module stacking for SARA and Landlock · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 11/38] LSM: Separate idea of "major" LSM from "exclusive" LSM · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 28/38] SELinux: Abstract use of file security blob · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 32/38] Smack: Abstract use of inode security blob · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 01/38] LSM: Introduce LSM_FLAG_LEGACY_MAJOR · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 02/38] LSM: Provide separate ordered initialization · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 03/38] LSM: Plumb visibility into optional "enabled" state · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 07/38] LSM: Introduce "lsm=" for boottime LSM selection · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 05/38] LSM: Build ordered list of LSMs to initialize · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 06/38] LSM: Introduce CONFIG_LSM · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 04/38] LSM: Lift LSM selection out of individual LSMs · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 09/38] LSM: Prepare for reorganizing "security=" logic · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 10/38] LSM: Refactor "security=" in terms of enable/disable · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 08/38] LSM: Tie enabling logic to presence in ordered list · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 12/38] apparmor: Remove SECURITY_APPARMOR_BOOTPARAM_VALUE · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 13/38] selinux: Remove SECURITY_SELINUX_BOOTPARAM_VALUE · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 14/38] LSM: Add all exclusive LSMs to ordered initialization · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 15/38] LSM: Split LSM preparation from initialization · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 18/38] LSM: Introduce enum lsm_order · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 16/38] LoadPin: Initialize as ordered LSM · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 17/38] Yama: Initialize as ordered LSM · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 19/38] capability: Initialize as LSM_ORDER_FIRST · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 21/38] Smack: Abstract use of cred security blob · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 23/38] SELinux: Remove cred security blob poisoning · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 20/38] procfs: add smack subdir to attrs · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 25/38] AppArmor: Abstract use of cred security blob · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 24/38] SELinux: Remove unused selinux_is_enabled · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 26/38] TOMOYO: Abstract use of cred security blob · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 27/38] Infrastructure management of the cred security blob · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 29/38] Smack: Abstract use of file security blob · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 30/38] LSM: Infrastructure management of the file security · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 31/38] SELinux: Abstract use of inode security blob · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 36/38] Smack: Abstract use of ipc security blobs · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 37/38] LSM: Infrastructure management of the ipc security blob · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 35/38] SELinux: Abstract use of ipc security blobs · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 34/38] LSM: Infrastructure management of the task security · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 33/38] LSM: Infrastructure management of the inode security · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 22/38] SELinux: Abstract use of cred security blob · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-11
[PATCH v5 38/38] TOMOYO: Update LSM flags to no longer be exclusive · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-12

Lifecycle

2018-12-11 22:43 Posted Casey Schaufler <casey@schaufler-ca.com>

From: Casey Schaufler <casey@schaufler-ca.com>
Date: 2018-12-11 22:43:42
Also in: linux-fsdevel, lkml, selinux
Subsystem: selinux security module, the rest · Maintainers: Paul Moore, Stephen Smalley, Linus Torvalds

From: Kees Cook <redacted>

In preparation for removing CONFIG_DEFAULT_SECURITY, this removes the
soon-to-be redundant SECURITY_SELINUX_BOOTPARAM_VALUE. Since explicit
ordering via CONFIG_LSM or "lsm=" will define whether an LSM is enabled or
not, this CONFIG will become effectively ignored, so remove it. However,
in order to stay backward-compatible with "security=selinux", the enable
variable defaults to true.

Signed-off-by: Kees Cook <redacted>
---
 security/selinux/Kconfig | 15 ---------------
 security/selinux/hooks.c |  5 +----
 2 files changed, 1 insertion(+), 19 deletions(-)

diff --git a/security/selinux/Kconfig b/security/selinux/Kconfig
index 8af7a690eb40..55f032f1fc2d 100644
--- a/security/selinux/Kconfig
+++ b/security/selinux/Kconfig

@@ -22,21 +22,6 @@ config SECURITY_SELINUX_BOOTPARAM
 
 	  If you are unsure how to answer this question, answer N.
 
-config SECURITY_SELINUX_BOOTPARAM_VALUE
-	int "NSA SELinux boot parameter default value"
-	depends on SECURITY_SELINUX_BOOTPARAM
-	range 0 1
-	default 1
-	help
-	  This option sets the default value for the kernel parameter
-	  'selinux', which allows SELinux to be disabled at boot.  If this
-	  option is set to 0 (zero), the SELinux kernel parameter will
-	  default to 0, disabling SELinux at bootup.  If this option is
-	  set to 1 (one), the SELinux kernel parameter will default to 1,
-	  enabling SELinux at bootup.
-
-	  If you are unsure how to answer this question, answer 1.
-
 config SECURITY_SELINUX_DISABLE
 	bool "NSA SELinux runtime disable"
 	depends on SECURITY_SELINUX

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 3687599d9d16..edd5b8dd3e56 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c

@@ -120,9 +120,8 @@ __setup("enforcing=", enforcing_setup);
 #define selinux_enforcing_boot 1
 #endif
 
+int selinux_enabled __lsm_ro_after_init = 1;
 #ifdef CONFIG_SECURITY_SELINUX_BOOTPARAM
-int selinux_enabled = CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE;
-
 static int __init selinux_enabled_setup(char *str)
 {
 	unsigned long enabled;

@@ -131,8 +130,6 @@ static int __init selinux_enabled_setup(char *str)
 	return 1;
 }
 __setup("selinux=", selinux_enabled_setup);
-#else
-int selinux_enabled = 1;
 #endif
 
 static unsigned int selinux_checkreqprot_boot =

-- 
2.14.5

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help