Re: [PATCH] bpf: lsm: Disable or enable BPF LSM at boot time

From: Daniel Borkmann
Date: Mon Jul 06 2020 - 14:51:42 EST

Next message: Prashant Malani: "Re: [PATCH] platform/chrome: cros_ec_proto: Convert EC error codes to Linux error codes"
Previous message: Puranjay Mohan: "[PATCH v2] Security: Documentation: Replace deprecated :c:func: Usage"
In reply to: Lorenzo Fontana: "[PATCH] bpf: lsm: Disable or enable BPF LSM at boot time"
Next in thread: KP Singh: "Re: [PATCH] bpf: lsm: Disable or enable BPF LSM at boot time"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 7/6/20 6:57 PM, Lorenzo Fontana wrote:

This option adds a kernel parameter 'bpf_lsm',
which allows the BPF LSM to be disabled at boot.
The purpose of this option is to allow a single kernel
image to be distributed with the BPF LSM built in,
but not necessarily enabled.

Signed-off-by: Lorenzo Fontana <fontanalorenz@xxxxxxxxx>

Well, this explains what the patch is doing but not *why* you need it exactly.
Please explain your concrete use-case for this patch.

Thanks,
Daniel

Next message: Prashant Malani: "Re: [PATCH] platform/chrome: cros_ec_proto: Convert EC error codes to Linux error codes"
Previous message: Puranjay Mohan: "[PATCH v2] Security: Documentation: Replace deprecated :c:func: Usage"
In reply to: Lorenzo Fontana: "[PATCH] bpf: lsm: Disable or enable BPF LSM at boot time"
Next in thread: KP Singh: "Re: [PATCH] bpf: lsm: Disable or enable BPF LSM at boot time"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]