[RFC] LSM deprecation / removal policies
Paul Moore
paul at paul-moore.com
Mon May 5 20:11:39 UTC 2025
On Fri, May 2, 2025 at 4:44 PM Casey Schaufler <casey at schaufler-ca.com> wrote:
>
> On 5/2/2025 1:01 PM, Paul Moore wrote:
> > Hello all,
> >
> > We've worked in the past to document some of our policies and
> > guidelines; the result can be seen at the link below (also listed in
> > MAINTAINERS):
> >
> > - https://github.com/LinuxSecurityModule/kernel/blob/main/README.md
> >
> > However, one of the areas that has been missing from this guidance
> > is policies on deprecating and removing LSM hooks as well as LSMs
> > themselves. In an effort to fix that, I've drafted two additional
> > sections (below) and I would appreciate feedback from the LSM
> > community as a whole on these sections. The LSM hook deprecation
> > policy follows the undocumented process we've typically followed, and
> > while we've never deprecated/removed a LSM, I believe the guidance
> > documented here follows existing precedence.
> >
> > ## Removing LSM Hooks
> >
> > If a LSM hook is no longer used by any in-kernel LSMs, there is no ongoing work
> > in progress involving the hook, and no expectation of future work that will use
> > the hook, the LSM community may consider removal of the LSM hook. The decision
> > to ultimately remove the LSM hook should balance ongoing maintenance and
> > performance concerns with the social challenges of reintroducing the hook if
> > it is needed at a later date.
>
> Should there also be a section
>
> ## Changing LSM hook interfaces
>
> The interface for an LSM hook may need to be changed for a number of
> reasons. ...

That's a good point, I'll add that to the TODO. Much like the LSM
hook removal guidance, it should be fairly brief as I'll simply
document the general practices we've followed thus far.
--
paul-moore.com