diff options
author | Kees Cook <keescook@chromium.org> | 2018-09-19 23:32:15 +0300 |
---|---|---|
committer | Kees Cook <keescook@chromium.org> | 2019-01-09 00:18:43 +0300 |
commit | 7e611486d905f435faf80969deed68a615019e6b (patch) | |
tree | 2454816badf417db4dd7f5005d3c180d0771b4ae | |
parent | 5ef4e41918b2dffffa445d8d3a45f3dc257920dc (diff) | |
download | linux-7e611486d905f435faf80969deed68a615019e6b.tar.xz |
LSM: Refactor "security=" in terms of enable/disable
For what are marked as the Legacy Major LSMs, make them effectively
exclusive when selected on the "security=" boot parameter, to handle
the future case of when a previously major LSMs become non-exclusive
(e.g. when TOMOYO starts blob-sharing).
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
-rw-r--r-- | security/security.c | 28 |
1 files changed, 20 insertions, 8 deletions
diff --git a/security/security.c b/security/security.c index 1e1f34285e96..88de6b073246 100644 --- a/security/security.c +++ b/security/security.c @@ -129,14 +129,6 @@ static bool __init lsm_allowed(struct lsm_info *lsm) if (!is_enabled(lsm)) return false; - /* Skip major-specific checks if not a major LSM. */ - if ((lsm->flags & LSM_FLAG_LEGACY_MAJOR) == 0) - return true; - - /* Disabled if this LSM isn't the chosen one. */ - if (strcmp(lsm->name, chosen_major_lsm) != 0) - return false; - return true; } @@ -164,8 +156,28 @@ static void __init ordered_lsm_parse(const char *order, const char *origin) struct lsm_info *lsm; char *sep, *name, *next; + /* Process "security=", if given. */ if (!chosen_major_lsm) chosen_major_lsm = CONFIG_DEFAULT_SECURITY; + if (chosen_major_lsm) { + struct lsm_info *major; + + /* + * To match the original "security=" behavior, this + * explicitly does NOT fallback to another Legacy Major + * if the selected one was separately disabled: disable + * all non-matching Legacy Major LSMs. + */ + for (major = __start_lsm_info; major < __end_lsm_info; + major++) { + if ((major->flags & LSM_FLAG_LEGACY_MAJOR) && + strcmp(major->name, chosen_major_lsm) != 0) { + set_enabled(major, false); + init_debug("security=%s disabled: %s\n", + chosen_major_lsm, major->name); + } + } + } sep = kstrdup(order, GFP_KERNEL); next = sep; |