On Tue, Oct 25, 2022 at 11:45:18AM -0700, Casey Schaufler wrote: > Create a system call to report the list of Linux Security Modules > that are active on the system. The list is provided as an array > of LSM ID numbers. > > The calling application can use this list determine what LSM > specific actions it might take. That might include chosing an > output format, determining required privilege or bypassing > security module specific behavior. > > Signed-off-by: Casey Schaufler <casey@xxxxxxxxxxxxxxxx> > --- > include/linux/syscalls.h | 1 + > kernel/sys_ni.c | 1 + > security/lsm_syscalls.c | 38 ++++++++++++++++++++++++++++++++++++++ > 3 files changed, 40 insertions(+) > > diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h > index 2d9033e9e5a0..02bb82142e24 100644 > --- a/include/linux/syscalls.h > +++ b/include/linux/syscalls.h > @@ -1058,6 +1058,7 @@ asmlinkage long sys_set_mempolicy_home_node(unsigned long start, unsigned long l > unsigned long home_node, > unsigned long flags); > asmlinkage long sys_lsm_self_attr(struct lsm_ctx *ctx, size_t *size, int flags); > +asmlinkage long sys_lsm_module_list(unsigned int *ids, size_t *size, int flags); Instead of "unsigned int", how about "u64" to make it portable properly? thanks, greg k-h
