On Sun, 23 Sep 2018, Casey Schaufler wrote:

> > How do you plan to handle LKM-based LSMs?
>
> My position all along has been that I don't plan to handle LKM
> based LSMs, but that I won't do anything to prevent someone else
> from adding them later. I believe that I've done that. Several
> designs, including a separate list for dynamically loaded modules
> have been proposed. I think some of those would work.

Dynamically loadable LSMs are a bad idea, per several previous
discussions. As a general design concept, kernel security mechanisms
should be invoked during boot, so we can reason about the overall state
of the system at a given point.

In any case, we do not need to take dynamic LSMs into account at this
stage. We don't build infrastructure for non-existent features.