| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20210222150608.808146-1-mic@digikod.net>
Date: Mon, 22 Feb 2021 16:06:07 +0100
From: Mickaël Salaün <mic@...ikod.net>
To: James Morris <jmorris@...ei.org>,
"Serge E . Hallyn" <serge@...lyn.com>
Cc: Mickaël Salaün <mic@...ikod.net>,
Casey Schaufler <casey@...aufler-ca.com>,
Kees Cook <keescook@...omium.org>,
linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org
Subject: [PATCH v3 0/1] Automatic LSM stack ordering
Hi,
This patch series gives the opportunity to users to not manually
configure the list of LSM enabled at boot but instead always rely on the
up-to-date list of existing LSMs. Indeed, CONFIG_LSM may never be
updated with a make oldconfig whereas users may select new LSMs over
time. With this patch, when running make oldconfig, a new option
CONFIG_LSM_AUTO is pre-selected to delegate LSM ordering to the kernel
developers, according to the user configuration.
This third series replace the previous virtual dependencies with a new
option to automatically enable all selected LSMs. This is cleaner,
simpler, and makes the transition more convenient.
This patch series can be applied on v5.11-7580-gea914b7ffbfd (or v5.11).
Previous version:
https://lore.kernel.org/r/20210215181511.2840674-1-mic@digikod.net
Mickaël Salaün (1):
security: Add CONFIG_LSM_AUTO to handle default LSM stack ordering
security/Kconfig | 19 +++++++++++++++++++
security/security.c | 26 +++++++++++++++++++++++++-
2 files changed, 44 insertions(+), 1 deletion(-)
base-commit: 31caf8b2a847214be856f843e251fc2ed2cd1075
--
2.30.0
Powered by blists - more mailing lists