[RFC PATCH 3/9] Loadpol LSM: filter kernel module request according to the policy
Randy Dunlap
rdunlap at infradead.org
Wed May 21 16:21:40 UTC 2025
On 5/21/25 8:47 AM, Casey Schaufler wrote:
> On 5/21/2025 7:01 AM, Simon THOBY wrote:
>> When a kernel module is loaded, the LSM accepts or rejects the demand
>> according to its policy.
>>
>> Signed-off-by: Simon THOBY <git at nightmared.fr>
>> ---
>> security/loadpol/Makefile | 2 +-
>> security/loadpol/loadpol.c | 22 ++++++++++++
>> security/loadpol/loadpol.h | 27 ++++++++++++++
>> security/loadpol/loadpol_policy.c | 59 +++++++++++++++++++++++++++++++
>> 4 files changed, 109 insertions(+), 1 deletion(-)
>> create mode 100644 security/loadpol/loadpol_policy.c
>>
>> +
>> +struct loadpol_policy_entry {
>> + struct list_head list;
>> + // bitfield of policy_entry_origin
>
> The // comment style is not used in the kernel.
Counter:
https://lore.kernel.org/lkml/CA+55aFyQYJerovMsSoSKS7PessZBr4vNp-3QUUwhqk4A4_jcbg@mail.gmail.com/
--
~Randy
More information about the Linux-security-module-archive
mailing list