[PATCH v5 2/2] LSM: add SafeSetID module that gates setid calls

Micah Morton mortonm at chromium.org
Mon Jan 28 20:19:34 UTC 2019


On Mon, Jan 28, 2019 at 11:56 AM Kees Cook <keescook at chromium.org> wrote:
>
> On Tue, Jan 29, 2019 at 8:47 AM Micah Morton <mortonm at chromium.org> wrote:
> >
> > I'm getting the following crash when booting after compiling a kernel
> > with this LSM enabled, so I'll have to figure out what is going on.
> > All the "core" functionality of this LSM has been tested thoroughly
> > (we're already using this LSM on ChromeOS), but looks like there's
> > some debugging of the initialization that still needs to be done.
>
>
> +DEFINE_LSM(safesetid_security_init) = {
> +       .init = safesetid_security_init,
> +};
>
> I think this is from not having:
>
> .name = "safesetid",

That fixed it for me! Thanks

>
> I missed that in the review, sorry!
>
> --
> Kees Cook



More information about the Linux-security-module-archive mailing list