| From: |
| Casey Schaufler <casey-AT-schaufler-ca.com> |
| To: |
| casey-AT-schaufler-ca.com, paul-AT-paul-moore.com, eparis-AT-redhat.com, linux-security-module-AT-vger.kernel.org |
| Subject: |
| [PATCH v2 0/2] LSM: Multiple LSM mount options |
| Date: |
| Thu, 25 Sep 2025 10:12:06 -0700 |
| Message-ID: |
| <20250925171208.5997-1-casey@schaufler-ca.com> |
| Cc: |
| jmorris-AT-namei.org, serge-AT-hallyn.com, keescook-AT-chromium.org, john.johansen-AT-canonical.com, penguin-kernel-AT-i-love.sakura.ne.jp, stephen.smalley.work-AT-gmail.com, linux-kernel-AT-vger.kernel.org, selinux-AT-vger.kernel.org |
| Archive-link: |
| Article |
Linux Security Module (LSM) that support mount options, currently SELinux
and Smack, allocate their own data for those options. This patch set
moves the handling of mount option data out of the individual LSMs and
into the LSM infrastructure. This allows for multiple LSMs to support
mount options at the same time.
https://github.com/cschaufler/lsm-stacking#mount-opts-6.1...
v2: Significant rewrite to move allocations out of the LSMs.
Casey Schaufler (2):
LSM: Add mount opts blob size tracking
LSM: Infrastructure management of the mnt_opts security blob
include/linux/lsm_hooks.h | 1 +
security/security.c | 44 ++++++++++++++++++
security/selinux/hooks.c | 76 ++++++++++---------------------
security/selinux/include/objsec.h | 8 ++++
security/smack/smack.h | 8 ++++
security/smack/smack_lsm.c | 45 +++++-------------
6 files changed, 97 insertions(+), 85 deletions(-)
--
2.51.0
