On Wed, 2021-03-24 at 00:14 +0900, Tetsuo Handa wrote: > On 2021/03/23 23:47, Mimi Zohar wrote: > > Initially I also questioned making "integrity" an LSM. Perhaps it's > > time to reconsider. For now, it makes sense to just fix the NULL > > pointer dereferencing. > > Do we think calling panic() as "fix the NULL pointer dereferencing" ? Not supplying "integrity" as an "lsm=" option is a user error. There are only two options - allow or deny the caller to proceed. If the user is expecting the integrity subsystem to be properly working, returning a NULL and allowing the system to boot (RFC patch version) does not make sense. Better to fail early. Mimi
