Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1034115AbcJ0XNk (ORCPT ); Thu, 27 Oct 2016 19:13:40 -0400 Received: from youngberry.canonical.com ([91.189.89.112]:44111 "EHLO youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S942916AbcJ0XNi (ORCPT ); Thu, 27 Oct 2016 19:13:38 -0400 Subject: Re: [PATCH v6 0/3] LSM: security module information improvements To: James Morris , Casey Schaufler References: <00f80c77-9623-7e9e-8980-63b362a4f16c@schaufler-ca.com> Cc: LSM , Paul Moore , Kees Cook , Stephen Smalley , Tetsuo Handa , LKLM From: John Johansen Organization: Canonical Message-ID: <5e40bbb4-1955-8432-e12a-690c924ccd5d@canonical.com> Date: Thu, 27 Oct 2016 15:57:21 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.3.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 751 Lines: 21 On 10/27/2016 03:32 PM, James Morris wrote: > On Wed, 26 Oct 2016, Casey Schaufler wrote: > >> Create interfaces that make it possible to deal with process >> attributes in the face of multiple "major" security modules. > > We don't have support for multiple major modules currently (perhaps ever), > so I'm not merging infrastructure which is only useful for them. > >> >> Patch 1/3 adds /sys/kernel/security/lsm, which provides >> a list of the active security modules on the system. >> >> $ cat /sys/kernel/security/lsm >> capability,yama,loadpin,smack > > This may make sense on its own. Has anyone requested this, or is likely > to adopt it into a distro? > > This is quite useful and Ubuntu will likely adopt it for the 17.04 release