Hi, This patch series gives the opportunity to users to not manually configure the list of LSM enabled at boot but instead always rely on the up-to-date list of existing LSMs. Indeed, CONFIG_LSM may never be updated with a make oldconfig whereas users may select new LSMs over time. With this patch, when running make oldconfig, a new option CONFIG_LSM_AUTO is pre-selected to delegate LSM ordering to the kernel developers, according to the user configuration.
This third series replace the previous virtual dependencies with a new option to automatically enable all selected LSMs. This is cleaner, simpler, and makes the transition more convenient. This patch series can be applied on v5.11-7580-gea914b7ffbfd (or v5.11). Previous version: https://lore.kernel.org/r/20210215181511.2840674-1-...@digikod.net Mickaël Salaün (1): security: Add CONFIG_LSM_AUTO to handle default LSM stack ordering security/Kconfig | 19 +++++++++++++++++++ security/security.c | 26 +++++++++++++++++++++++++- 2 files changed, 44 insertions(+), 1 deletion(-) base-commit: 31caf8b2a847214be856f843e251fc2ed2cd1075 -- 2.30.0
