[PATCH] LSM: allow loadable kernel module based LSM modules

Tetsuo Handa penguin-kernel at I-love.SAKURA.ne.jp
Fri Sep 6 07:43:15 UTC 2024


On 2024/09/04 23:23, Paul Moore wrote:
> On Wed, Sep 4, 2024 at 3:10 AM Tetsuo Handa
> <penguin-kernel at i-love.sakura.ne.jp> wrote:
>>
>> Until 2.6.23, it was officially possible to register/unregister LSM modules
>> that are implemented as loadable kernel modules.
> 
> ...
> 
>> Paul Moore has commented
>>
>>   I do not intentionally plan to make life difficult for the out-of-tree
>>   LSMs, but if that happens as a result of design decisions intended to
>>   benefit in-tree LSMs that is acceptable as far as I am concerned.
> 
> Patches that add complexity to the LSM framework without any benefit
> to the upstream, in-tree LSMs, or the upstream kernel in general, are
> not good candidates for inclusion in the upstream kernel.
> 

The idea and implementation for using LSM from loadable kernel modules is what
I demonstrated to you in a lightning talk session at LinuxCon North America 2010.
It has been 14 years since we learned of my concern, and you have been ignoring
my concern until now.

The first solution is "do not use static calls". But you won't agree to it. Also,
I'm not against the use of static calls as long as LKM-based LSM is supported.

The second solution is "export static calls" (and leave how they are used to the
LKM-based LSMs). But some of the LSM people do not like solutions that can allow
LKMs to disable built-in LSMs.

The third solution is "continue using a linked list for LKM-based LSMs", which was
suggested by KP Singh [1]. I'm OK with this solution, though it is unfortunate that
LKM-based LSMs can't benefit from "static calls".

If you ignore my concern, I have to NACK the static call changes you are
going to send in the upcoming merge window.



Link: https://lkml.kernel.org/r/CACYkzJ7ght66802wQFKzokfJKMKDOobYgeaCpu5Gx=iX0EuJVg@mail.gmail.com [1]