[PATCH] lsm: preserve /proc/sys/vm/mmap_min_addr when !CONFIG_SECURITY
Paul Moore
paul at paul-moore.com
Mon Feb 2 16:19:36 UTC 2026
On Mon, Feb 2, 2026 at 5:53 AM Lorenzo Stoakes
<lorenzo.stoakes at oracle.com> wrote:
> On Thu, Jan 29, 2026 at 05:51:33PM -0500, Paul Moore wrote:
> > While reworking the LSM initialization code the
> > /proc/sys/vm/mmap_min_addr handler was inadvertently caught up in the
> > change and the procfs entry wasn't setup when CONFIG_SECURITY was not
> > selected at kernel build time. This patch restores the previous behavior
> > and ensures that the procfs entry is setup regardless of the
> > CONFIG_SECURITY state.
> >
> > Future work will improve upon this, likely by moving the procfs handler
> > into the mm subsystem, but this patch should resolve the immediate
> > regression.
> >
> > Fixes: 4ab5efcc2829 ("lsm: consolidate all of the LSM framework initcalls")
> > Reported-by: Lorenzo Stoakes <lorenzo.stoakes at oracle.com>
> > Signed-off-by: Paul Moore <paul at paul-moore.com>
>
> (Sorry was at fosdem from fri)
>
> LGTM and tested locally confirming it works, thanks so much for the quick
> turnaround! Feel free to add:
>
> Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes at oracle.com>
> Tested-by: Lorenzo Stoakes <lorenzo.stoakes at oracle.com>
>
> Cheers, Lorenzo
Thanks, for the original report, testing, and extra set of eyes! added
and updated lsm/stable-6.19, I'll be sending this to Linus shortly.
--
paul-moore.com
More information about the Linux-security-module-archive
mailing list