Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751396AbbGaTJm (ORCPT ); Fri, 31 Jul 2015 15:09:42 -0400 Received: from mail-io0-f178.google.com ([209.85.223.178]:32967 "EHLO mail-io0-f178.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750948AbbGaTJk (ORCPT ); Fri, 31 Jul 2015 15:09:40 -0400 MIME-Version: 1.0 In-Reply-To: References: Date: Fri, 31 Jul 2015 12:09:40 -0700 X-Google-Sender-Auth: AA4K-y0WtYRKFCabz5jXz_lgDmg Message-ID: Subject: Re: [PATCH] Adding YAMA hooks also when YAMA is not stacked. From: Kees Cook To: Salvatore Mesoraca Cc: LKML , linux-security-module , James Morris , Casey Schaufler , trivial@kernel.org Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1244 Lines: 44 On Fri, Jul 31, 2015 at 12:55 AM, Salvatore Mesoraca wrote: > Without this patch YAMA will not work at all if it is chosen > as the primary LSM instead of being "stacked". Ah! Good catch, thank you! CONFIG based stacking for Yama will be removed 4.3, but this is appropriate for fixing in 4.2. James, can you take this and send it to Linus for 4.2-rc5? Acked-by: Kees Cook -Kees > > Signed-off-by: Salvatore Mesoraca > --- > security/yama/yama_lsm.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c > index 9ed3250..5ebb896 100644 > --- a/security/yama/yama_lsm.c > +++ b/security/yama/yama_lsm.c > @@ -406,6 +406,7 @@ static __init int yama_init(void) > */ > if (!security_module_enable("yama")) > return 0; > + yama_add_hooks(); > #endif > pr_info("Yama: becoming mindful.\n"); > > -- > 2.3.6 -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/