[PATCH linux-next] security: Fix side effects of default BPF LSM hooks
KP Singh
kpsingh at kernel.org
Fri Jun 10 23:50:12 UTC 2022
On Fri, Jun 10, 2022 at 9:00 PM Casey Schaufler <casey at schaufler-ca.com> wrote:
>
> On 6/10/2022 11:50 AM, Casey Schaufler wrote:
> > On 6/9/2022 4:46 PM, KP Singh wrote:
> >> BPF LSM currently has a default implementation for each LSM hooks which
> >> return a default value defined in include/linux/lsm_hook_defs.h. These
> >> hooks should have no functional effect when there is no BPF program
> >> loaded to implement the hook logic.
>
> What I failed to point out earlier is that you really want general
> LSM stacking for BPF to work the way you want it to. Reviewed-bys,
Happy to take a look, but we should fix this bug independently though.
> Acked-bys and other participation in that effort would be most
> appreciated.
>
More information about the Linux-security-module-archive
mailing list