mirror of
https://github.com/Fishwaldo/linux-bl808.git
synced 2025-06-17 20:25:19 +00:00
LSM: Separate idea of "major" LSM from "exclusive" LSM
In order to both support old "security=" Legacy Major LSM selection, and handling real exclusivity, this creates LSM_FLAG_EXCLUSIVE and updates the selection logic to handle them. Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
This commit is contained in:
Kees Cook
parent
7e611486d9
commit
14bd99c821
6 changed files with 17 additions and 4 deletions
|
|
@ -6989,7 +6989,7 @@ void selinux_complete_init(void)
|
|||
all processes and objects when they are created. */
|
||||
DEFINE_LSM(selinux) = {
|
||||
.name = "selinux",
|
||||
.flags = LSM_FLAG_LEGACY_MAJOR,
|
||||
.flags = LSM_FLAG_LEGACY_MAJOR | LSM_FLAG_EXCLUSIVE,
|
||||
.enabled = &selinux_enabled,
|
||||
.init = selinux_init,
|
||||
};
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue