On Thu, Mar 21, 2019 at 2:10 PM Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx> wrote:
>
> On 2019/03/22 1:38, Kees Cook wrote:
> > This is mostly good. I'd like to keep the other LSMs listed though
> > (similar to what I had originally) so that if a legacy-major doesn't
> > initialize, later ones will be. I want to remove the concept of
> > "major" LSMs. The only thing that should matter is init order...
>
> Excuse me? Are you saying that
>
> if a legacy-major (which is defined as the "Default security module")
> doesn't initialize, later ones (any of selinux,smack,tomoyo,apparmor
> except the one which is defined as "Default security module") will be
> initialized
>
> ? That sounds strange to me. Any of selinux,smack,tomoyo,apparmor can be
> initialized when specified by lsm= kernel command line option (or security=
> kernel command line option if lsm= kernel command line option is not
> specified), won't it?

It breaks the backward-compat for the "security=" line. If a system is
booted with CONFIG_LSM="minors...,apparmor" and "security=selinux",
neither apparmor nor selinux will be initialized. The logic on
"security=..." depends on the other LSMs being present in the list.

-Kees

--
Kees Cook
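As an added illustration (not the kernel's security.c and not code from anyone in the thread), the following Python models the selection rule as the thread describes it: `lsm=` replaces the CONFIG_LSM list and makes `security=` ignored, `security=` keeps the named legacy major and disables the other three, and only names present in the list are initialized. It reproduces the case Kees describes; the CONFIG_LSM strings and minor LSM names are constructed example values.

```python
# Model of the LSM init-order selection discussed in the thread.
# Assumption: this mirrors the rule as described in the mail, not the
# actual kernel implementation.

LEGACY_MAJOR = {"selinux", "smack", "tomoyo", "apparmor"}


def ordered_lsms(config_lsm, security=None, lsm=None):
    """Return the LSMs that would be initialized, in init order.

    config_lsm: build-time CONFIG_LSM string, e.g. "yama,loadpin,apparmor"
    security:   value of the "security=" boot parameter, or None
    lsm:        value of the "lsm=" boot parameter, or None
    """
    if lsm is not None:
        # lsm= overrides the built-in list, and security= is then ignored.
        order, security = lsm, None
    else:
        order = config_lsm

    disabled = set()
    if security is not None:
        # security= names one legacy major; every other legacy major is
        # disabled. There is no fallback to another major if the named
        # one is not in the list.
        disabled = {m for m in LEGACY_MAJOR if m != security}

    enabled = []
    for name in order.split(","):
        name = name.strip()
        if not name or name in disabled or name in enabled:
            continue
        enabled.append(name)
    return enabled


def initialized_major(enabled):
    """Return the single legacy major that made it into the order, if any."""
    majors = [n for n in enabled if n in LEGACY_MAJOR]
    return majors[0] if majors else None


if __name__ == "__main__":
    # Kees's case: apparmor is disabled by security=selinux, and selinux is
    # not in the list, so no legacy major is initialized at all.
    print(ordered_lsms("yama,loadpin,apparmor", security="selinux"))
    # With the other majors kept in CONFIG_LSM, security=selinux works.
    print(ordered_lsms("yama,loadpin,selinux,smack,tomoyo,apparmor",
                       security="selinux"))
```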