[PATCH v3 0/1] Automatic LSM stack ordering
Mickaël Salaün
mic at digikod.net
Mon Feb 22 15:06:07 UTC 2021
Hi,
This patch series gives the opportunity to users to not manually
configure the list of LSM enabled at boot but instead always rely on the
up-to-date list of existing LSMs. Indeed, CONFIG_LSM may never be
updated with a make oldconfig whereas users may select new LSMs over
time. With this patch, when running make oldconfig, a new option
CONFIG_LSM_AUTO is pre-selected to delegate LSM ordering to the kernel
developers, according to the user configuration.
This third series replace the previous virtual dependencies with a new
option to automatically enable all selected LSMs. This is cleaner,
simpler, and makes the transition more convenient.
This patch series can be applied on v5.11-7580-gea914b7ffbfd (or v5.11).
Previous version:
https://lore.kernel.org/r/20210215181511.2840674-1-mic@digikod.net
Mickaël Salaün (1):
security: Add CONFIG_LSM_AUTO to handle default LSM stack ordering
security/Kconfig | 19 +++++++++++++++++++
security/security.c | 26 +++++++++++++++++++++++++-
2 files changed, 44 insertions(+), 1 deletion(-)
base-commit: 31caf8b2a847214be856f843e251fc2ed2cd1075
--
2.30.0
More information about the Linux-security-module-archive
mailing list