[PATCH] lsm: preserve /proc/sys/vm/mmap_min_addr when !CONFIG_SECURITY

[Paul Moore]

On Thu, Jan 29, 2026 at 8:31 PM Kees Cook <kees at kernel.org> wrote:
> On Thu, Jan 29, 2026 at 05:51:33PM -0500, Paul Moore wrote:
> > While reworking the LSM initialization code the
> > /proc/sys/vm/mmap_min_addr handler was inadvertently caught up in the
> > change and the procfs entry wasn't setup when CONFIG_SECURITY was not
> > selected at kernel build time.  This patch restores the previous behavior
> > and ensures that the procfs entry is setup regardless of the
> > CONFIG_SECURITY state.
> >
> > Future work will improve upon this, likely by moving the procfs handler
> > into the mm subsystem, but this patch should resolve the immediate
> > regression.
> >
> > Fixes: 4ab5efcc2829 ("lsm: consolidate all of the LSM framework initcalls")
> > Reported-by: Lorenzo Stoakes <lorenzo.stoakes at oracle.com>
> > Signed-off-by: Paul Moore <paul at paul-moore.com>
>
> Good catch and fix!
>
> Reviewed-by: Kees Cook <kees at kernel.org>

Merged into lsm/stable-6.19, with plans to send this to Linus early
next week after a day or two in linux-next.  Thanks everyone!

-- 
paul-moore.com