On Wed, Oct 3, 2018 at 4:59 PM, Randy Dunlap <rdunlap@xxxxxxxxxxxxx> wrote: > To me, "security=selinux" means SELinux and nothing else, so I think that > all of these params are inviting a lot of confusion. > > Sorry, I don't have a good answer for this. This part, at least, has a pretty clear solution. :) The consensus is to limit "security=" to what have been considered the "major" LSMs" so it'll work in spirit the way it was designed. The goal of the new options, though, is to find something that'll fit all the ways LSMs are getting used: the majors, the minors, and the coming "medium" LSMs. The precedent is pretty good here, since "security=" already ignores the minor LSMs: Yama and LoadPin. So it'll just control the enable/disable of the "major" LSMs, who will carry an internal marking indicating that they're mediated by "security=" (and no new LSMs would get this marking). -Kees -- Kees Cook Pixel Security
