Re: [PATCH v2] LSM: Better reporting of actual LSMs at boot

From: Kees Cook
Date: Tue Nov 01 2022 - 20:53:09 EST

Next message: Daniel Golle: "[PATCH v4] net: ethernet: mediatek: ppe: add support for flow accounting"
Previous message: Andrew Lunn: "Re: [PATCH v3] net: ethernet: mediatek: ppe: add support for flow accounting"
In reply to: Casey Schaufler: "Re: [PATCH v2] LSM: Better reporting of actual LSMs at boot"
Next in thread: Mickaël Salaün: "Re: [PATCH v2] LSM: Better reporting of actual LSMs at boot"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On November 1, 2022 5:46:55 PM PDT, Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote:
>On 11/1/2022 5:05 PM, Kees Cook wrote:
>> Enhance the details reported by "lsm.debug" in several ways:
> [...]
>
>Acked-by: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>

Thanks!

>I'm curious about what is driving this change.

I was working on the ima stacking PoC and found the lsm.debug output confusing to read, and I wrote it. :P So, I wanted to clarify things and make sure stuff like lockdown was visible. Additionally, if we're going to keep the "lsm=" param as-is, I wanted it's value visible at boot so people would know what to start from when making changes.

-Kees

--
Kees Cook

Next message: Daniel Golle: "[PATCH v4] net: ethernet: mediatek: ppe: add support for flow accounting"
Previous message: Andrew Lunn: "Re: [PATCH v3] net: ethernet: mediatek: ppe: add support for flow accounting"
In reply to: Casey Schaufler: "Re: [PATCH v2] LSM: Better reporting of actual LSMs at boot"
Next in thread: Mickaël Salaün: "Re: [PATCH v2] LSM: Better reporting of actual LSMs at boot"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]