Re: [PATCH v2 05/20] randstruct: Whitelist struct security_hook_heads cast
From: Christoph Hellwig
Date: Sat May 27 2017 - 04:41:56 EST
On Fri, May 26, 2017 at 01:17:09PM -0700, Kees Cook wrote:
> The LSM initialization routines walk security_hook_heads as an array
> of struct list_head instead of via names to avoid a ton of needless
> source. Whitelist this to avoid the false positive warning from the
> plugin:
I think this crap just needs to be fixed properly. If not it almost
defeats the protections as the "security" ops are just about everywhere.