[PATCH v2] LSM: Ignore "security=" when "lsm=" is specified

Paul Moore paul at paul-moore.com
Mon Feb 18 02:45:57 UTC 2019

On Sun, Feb 17, 2019 at 12:17 AM Tetsuo Handa
<penguin-kernel at i-love.sakura.ne.jp> wrote:
> On 2019/02/14 1:05, Casey Schaufler wrote:
> > On 2/12/2019 10:23 AM, Kees Cook wrote:
> >> To avoid potential confusion, explicitly ignore "security=" when "lsm=" is
> >> used on the command line, and report that it is happening.
> >>
> >> Suggested-by: Tetsuo Handa <penguin-kernel at i-love.sakura.ne.jp>
> >> Signed-off-by: Kees Cook <keescook at chromium.org>
> >
> > Acked-by: Casey Schaufler <casey at schaufler-ca.com>
> The manual for TOMOYO was updated to follow this change.
> SELinux folks and AppArmor folks, can we apply this change?

My main concern is that "selinux={0|1}" continues to work as it has
for years.  It doesn't look like this affects that, but I can't say
I've dug into these changes very far.

paul moore

More information about the Linux-security-module-archive mailing list