[PATCH v3 0/1] Automatic LSM stack ordering

From: Mickaël Salaün
Date: Mon Feb 22 2021 - 10:06:07 EST

Next message: Mickaël Salaün: "[PATCH v3 1/1] security: Add CONFIG_LSM_AUTO to handle default LSM stack ordering"
Previous message: Oleksij Rempel: "[PATCH net v3] net: introduce CAN specific pointer in the struct net_device"
Next in thread: Mickaël Salaün: "[PATCH v3 1/1] security: Add CONFIG_LSM_AUTO to handle default LSM stack ordering"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

This patch series gives the opportunity to users to not manually
configure the list of LSM enabled at boot but instead always rely on the
up-to-date list of existing LSMs. Indeed, CONFIG_LSM may never be
updated with a make oldconfig whereas users may select new LSMs over
time. With this patch, when running make oldconfig, a new option
CONFIG_LSM_AUTO is pre-selected to delegate LSM ordering to the kernel
developers, according to the user configuration.

This third series replace the previous virtual dependencies with a new
option to automatically enable all selected LSMs. This is cleaner,
simpler, and makes the transition more convenient.

This patch series can be applied on v5.11-7580-gea914b7ffbfd (or v5.11).
Previous version:
https://lore.kernel.org/r/20210215181511.2840674-1-mic@xxxxxxxxxxx

Mickaël Salaün (1):
security: Add CONFIG_LSM_AUTO to handle default LSM stack ordering

security/Kconfig | 19 +++++++++++++++++++
security/security.c | 26 +++++++++++++++++++++++++-
2 files changed, 44 insertions(+), 1 deletion(-)

base-commit: 31caf8b2a847214be856f843e251fc2ed2cd1075
--
2.30.0

Next message: Mickaël Salaün: "[PATCH v3 1/1] security: Add CONFIG_LSM_AUTO to handle default LSM stack ordering"
Previous message: Oleksij Rempel: "[PATCH net v3] net: introduce CAN specific pointer in the struct net_device"
Next in thread: Mickaël Salaün: "[PATCH v3 1/1] security: Add CONFIG_LSM_AUTO to handle default LSM stack ordering"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]