[PATCH v3 0/1] Automatic LSM stack ordering

Mickaël Salaün mic at digikod.net
Mon Feb 22 15:06:07 UTC 2021


This patch series gives the opportunity to users to not manually
configure the list of LSM enabled at boot but instead always rely on the
up-to-date list of existing LSMs.  Indeed, CONFIG_LSM may never be
updated with a make oldconfig whereas users may select new LSMs over
time.  With this patch, when running make oldconfig, a new option
CONFIG_LSM_AUTO is pre-selected to delegate LSM ordering to the kernel
developers, according to the user configuration.

This third series replace the previous virtual dependencies with a new
option to automatically enable all selected LSMs.  This is cleaner,
simpler, and makes the transition more convenient.

This patch series can be applied on v5.11-7580-gea914b7ffbfd (or v5.11).
Previous version:

Mickaël Salaün (1):
  security: Add CONFIG_LSM_AUTO to handle default LSM stack ordering

 security/Kconfig    | 19 +++++++++++++++++++
 security/security.c | 26 +++++++++++++++++++++++++-
 2 files changed, 44 insertions(+), 1 deletion(-)

base-commit: 31caf8b2a847214be856f843e251fc2ed2cd1075

More information about the Linux-security-module-archive mailing list