On 11/3/2021 2:42 AM, Roberto Sassu wrote:
+ +/** + * ipe_init_securityfs: Initialize IPE's securityfs tree at fsinit + * + * Return: + * !0 - Error + * 0 - OK + */ +static int __init ipe_init_securityfs(void) +{ + int rc = 0; + struct ipe_context *ctx = NULL; + + ctx = ipe_current_ctx();Hi Deven the instruction above should be executed only if IPE LSM is enabled. Otherwise, the kernel panics due to the illegal access to the security blob of the task.
I see. I mistakenly assumed that failure in the LSM init would cause a kernel panic (as the system is now booting without a potentially required security component) as opposed to just disabling the LSM and emitting a warning. Easy fix for v8. Thanks for pointing it out.
|