[PATCH v2] lsm: adds process attribute getter for Landlock
Jeff Xu
jeffxu at chromium.org
Tue May 30 18:02:00 UTC 2023
> >>
> >> As I believe we are in the latter stages of review for the syscall
> >> API, perhaps you could take a look and ensure that the current
> >> proposed API works for what you are envisioning with Landlock?
> >>
> > Which review/patch to look for the proposed API ?
>
> https://lore.kernel.org/lkml/20230428203417.159874-3-casey@schaufler-ca.com/T/
>
>
How easy is it to add a customized LSM with new APIs?
I'm asking because there are some hard-coded constant/macro, i.e.
+#define LSM_ID_LANDLOCK 111
(Do IDs need to be sequential ?)
+ define LSM_CONFIG_COUNT
Today, only security/Kconfig change is needed to add a new LSM, I think ?
More information about the Linux-security-module-archive
mailing list