Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 076c54c5bcaed2081c0cba94a6f77c4d470236ad
commit076c54c5bcaed2081c0cba94a6f77c4d470236ad[log] [tgz]
authorAhmed S. Darwish <darwish.07@gmail.com>Thu Mar 06 18:09:10 2008 +0200
committerJames Morris <jmorris@namei.org>Sat Apr 19 10:00:51 2008 +1000
tree5e8f05cab20a49922618bb3af697a6b46e610eee
parent04305e4aff8b0533dc05f9f6f1a34d0796bd985f [diff]
Security: Introduce security= boot parameter

Add the security= boot parameter. This is done to avoid LSM
registration clashes in case of more than one bult-in module.

User can choose a security module to enable at boot. If no
security= boot parameter is specified, only the first LSM
asking for registration will be loaded. An invalid security
module name will be treated as if no module has been chosen.

LSM modules must check now if they are allowed to register
by calling security_module_enable(ops) first. Modify SELinux
and SMACK to do so.

Do not let SMACK register smackfs if it was not chosen on
boot. Smackfs assumes that smack hooks are registered and
the initial task security setup (swapper->security) is done.

Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
Acked-by: James Morris <jmorris@namei.org>
8 files changed
tree: 5e8f05cab20a49922618bb3af697a6b46e610eee
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. fs/
  7. include/
  8. init/
  9. ipc/
  10. kernel/
  11. lib/
  12. mm/
  13. net/
  14. samples/
  15. scripts/
  16. security/
  17. sound/
  18. usr/
  19. virt/
  20. .gitignore
  21. .mailmap
  22. COPYING
  23. CREDITS
  24. Kbuild
  25. MAINTAINERS
  26. Makefile
  27. README
  28. REPORTING-BUGS