On Tue, 21 May 2019, Matthew Garrett wrote: > Hi James, > > This is a quick attempt to integrate lockdown into the existing LSM > framework. It adds a new lockdown security hook and an LSM that defines > the existing coarse-grained policy, and also adds a new > DEFINE_EARLY_LSM() definition in order to permit lockdown (and > potentially other modules) to be initialised at the top of kernel init > in order to allow policy to be imposed on stuff that happens in > setup_arch(). The goal here is to allow policy to be devolved to other > LSMs on systems that have a secure mechanism for loading LSM policy > early in boot, allowing creation of arbitrarily complicated policies > without interfering with the common-case coarse-grained approach. > > This should probably be extended so a uapi-exposed constant is passed to > the hook in order to make it easier to write policy in other LSMs, but > does this broadly look like you were imagining?
This looks promising! An LSM could also potentially implement its own policy for the hook. -- James Morris <jmor...@namei.org>