[PATCH] tomoyo: Add a kernel config option for fuzzing testing.

Tetsuo Handa penguin-kernel at i-love.sakura.ne.jp
Mon Mar 11 13:18:40 UTC 2019

On 2019/03/05 12:32, James Morris wrote:
> On Tue, 5 Mar 2019, Tetsuo Handa wrote:
>> I guess that majority of TOMOYO users are now using the upstream version. But
>> pre-LSM version and/or AKARI will remain there until LKM-based LSMs becomes
>> officially supported
> You mean dynamically loadable LSMs?

Yes. As long as upstream can't accept all LSM modules, and some people cannot afford
utilizing upstream LSM modules, LKM-based LSMs will be needed by such people.

> There are no plans to support this.

Currently you don't have a plan. But I have.

It took 10+ years to be able to allow coexisting inode based access control
and name based access control. And there are people who still cannot afford
keeping upstream LSM modules enabled.

Anyway, your question is irrelevant to whether to allow syzbot to test
TOMOYO module. syzbot already bisected this problem to an innocent
commit 89a9684ea158dd7e ("LSM: Ignore "security=" when "lsm=" is specified")
at https://syzkaller.appspot.com/bug?id=32ab41bbdc0c28643c507dd0cf1eea1a9ce67837 .
Will you send this patch to linux.git so that syzbot can test TOMOYO module?

More information about the Linux-security-module-archive mailing list