[PATCH v2] LSM: Better reporting of actual LSMs at boot

Kees Cook kees at kernel.org
Wed Nov 2 00:52:58 UTC 2022


On November 1, 2022 5:46:55 PM PDT, Casey Schaufler <casey at schaufler-ca.com> wrote:
>On 11/1/2022 5:05 PM, Kees Cook wrote:
>> Enhance the details reported by "lsm.debug" in several ways:
> [...]
>
>Acked-by: Casey Schaufler <casey at schaufler-ca.com>

Thanks!

>I'm curious about what is driving this change.

I was working on the ima stacking PoC and found the lsm.debug output confusing to read, and I wrote it. :P So, I wanted to clarify things and make sure stuff like lockdown was visible. Additionally, if we're going to keep the "lsm=" param as-is, I wanted it's value visible at boot so people would know what to start from when making changes.

-Kees


-- 
Kees Cook



More information about the Linux-security-module-archive mailing list