Re: [RFC] Virtualization steps

From: Eric W. Biederman
Date: Fri Mar 31 2006 - 01:52:23 EST


Chris Wright <chrisw@xxxxxxxxxxxx> writes:

> * Eric W. Biederman (ebiederm@xxxxxxxxxxxx) wrote:
>> Very simple, it should be possible to statically compile in
>> all of the security modules and be able to pick at run time which
>> security module to use.
>>
>> Unless I have been very blind and missed something skimming
>> through the code, if I compile in all of the security
>> modules, whichever one is initialized first is the one
>> that we will use.
>
> I see. No, you got that correct. That's rather intentional, to make
> sure all objects are properly initialized as they are allocated rather
> than having to double check at every access control check. That's why
> security_initcalls are so early.

Ok. That makes sense. The fact that some of the security modules
besides selinux are tristate in Kconfig had me confused for a moment.

Controlling what to run with a kernel command line makes sense
then.

Having a generic command line like lsm=[selinux|root_plug|capability|seclvl]
would be nice, where nothing supplied would not enable any of
the Linux security modules.

Eric
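
Added example, not part of the message above and not kernel code: a userspace C model of the proposed lsm= selection, where every module is compiled in, only the one named on the command line may register, and no lsm= token enables none. The function names, the link order and the sample command line are assumptions made for illustration.

```c
/* Added illustration: userspace model, not kernel code. All names are hypothetical. */
#include <stdio.h>
#include <string.h>

#define LSM_NAME_MAX 16

static char chosen[LSM_NAME_MAX];   /* empty string: no module enabled */
static const char *active;          /* module that actually registered */

/* Extract the value of the first whole-word "lsm=" token from a command line.
 * Returns 1 if a usable value was found, 0 otherwise (nothing is enabled). */
int lsm_parse_cmdline(const char *cmdline)
{
    const char *p = cmdline;
    chosen[0] = '\0';
    active = NULL;
    while ((p = strstr(p, "lsm=")) != NULL) {
        if (p == cmdline || p[-1] == ' ') {   /* token start, so "xlsm=" is skipped */
            size_t n = strcspn(p + 4, " ");
            if (n == 0 || n >= LSM_NAME_MAX)
                return 0;                     /* empty or oversized value */
            memcpy(chosen, p + 4, n);
            chosen[n] = '\0';
            return 1;
        }
        p += 4;
    }
    return 0;
}

/* Called from each compiled-in module's init, in link order.
 * Only the module named on the command line may register, and only once. */
int lsm_try_register(const char *name)
{
    if (active != NULL || chosen[0] == '\0' || strcmp(chosen, name) != 0)
        return -1;
    active = name;
    return 0;
}

const char *lsm_active(void) { return active; }

int main(void)
{
    static const char *built_in[] = { "capability", "selinux", "root_plug", "seclvl" };
    lsm_parse_cmdline("root=/dev/sda1 ro lsm=selinux quiet");  /* constructed sample */
    for (size_t i = 0; i < sizeof(built_in) / sizeof(built_in[0]); i++)
        lsm_try_register(built_in[i]);
    printf("active LSM: %s\n", active ? active : "(none)");
    return 0;
}
```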