On Sun, Feb 21, 2021 at 8:09 PM Mickaël Salaün <mic@xxxxxxxxxxx> wrote: > > > On 21/02/2021 09:47, Masahiro Yamada wrote: > > On Tue, Feb 16, 2021 at 3:14 AM Mickaël Salaün <mic@xxxxxxxxxxx> wrote: > >> > >> From: Mickaël Salaün <mic@xxxxxxxxxxxxxxxxxxx> > >> > >> Content of string configuration may depend on related kernel > >> configurations. Modify oldconfig and syncconfig to inform users about > >> possible required configuration update and give them the opportunity to > >> update it: > >> * if dependencies of this string has changed (e.g. enabled or disabled), > >> * and if the current value of this string is different than the (new) > >> default one. > >> > >> This is particularly relevant for CONFIG_LSM which contains a list of > >> LSMs enabled at boot, but users will not have a chance to update this > >> list with a make oldconfig. > > > > If CONFIG_LSM already exists in the .config, > > oldconfig does not show a prompt. > > This is the expected behavior. > > It is not the behavior wished for LSM stacking. Because LSM is doing wrong. > > > > You are trying to fix your problem in a wrong way. > > NACK. > > What do you suggest to ensure that users will be asked to update the > CONFIG_LSM string if they add or remove an LSM? Fix it in the security subsystem. Hint: See 050e9baa9dc9fbd9ce2b27f0056990fc9e0a08a0 -- Best Regards Masahiro Yamada
