Re: [PATCH -v2 -mm] LSM: Add security= boot parameter
From: Ahmed S. Darwish
Date: Sun Mar 02 2008 - 02:59:15 EST
On Sat, Mar 01, 2008 at 07:41:04PM -0800, Casey Schaufler wrote:
>
> --- "Ahmed S. Darwish" <darwish.07@xxxxxxxxx> wrote:
> >
...
> >
> >
> > static struct security_operations selinux_ops = {
> > + .name = "selinux",
> > +
> > .ptrace = selinux_ptrace,
> > .capget = selinux_capget,
> > .capset_check = selinux_capset_check,
> > @@ -5420,7 +5422,8 @@ static __init int selinux_init(void)
> > {
> > struct task_security_struct *tsec;
> >
> > - if (!selinux_enabled) {
> > + if (!selinux_enabled || !security_module_enable(&selinux_ops)) {
> > + selinux_enabled = 0;
> > printk(KERN_INFO "SELinux: Disabled at boot.\n");
>
> How about "SELinux: Not enabled because LSM %s is already enabled.\n"
>
Looks better. I'll resend the patch once I know the answer of the SMP
point I asked about in the same thread.
Regards,
--
"Better to light a candle, than curse the darkness"
Ahmed S. Darwish
Homepage: http://darwish.07.googlepages.com
Blog: http://darwish-07.blogspot.com
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/