[PATCH] LSM: allow loadable kernel module based LSM modules
Paul Moore
paul at paul-moore.com
Wed Sep 4 14:23:05 UTC 2024
On Wed, Sep 4, 2024 at 3:10 AM Tetsuo Handa
<penguin-kernel at i-love.sakura.ne.jp> wrote:
>
> Until 2.6.23, it was officially possible to register/unregister LSM modules
> that are implemented as loadable kernel modules.
...
> Paul Moore has commented
>
> I do not intentionally plan to make life difficult for the out-of-tree
> LSMs, but if that happens as a result of design decisions intended to
> benefit in-tree LSMs that is acceptable as far as I am concerned.
Patches that add complexity to the LSM framework without any benefit
to the upstream, in-tree LSMs, or the upstream kernel in general, are
not good candidates for inclusion in the upstream kernel.
--
paul-moore.com
More information about the Linux-security-module-archive
mailing list