LSM: Add /sys/kernel/security/lsm I am still tired of having to find indirect ways to determine what security modules are active on a system. I have added /sys/kernel/security/lsm, which contains a comma separated list of the active security modules. No more groping around in /proc/filesystems or other clever hacks. Unchanged from previous versions except for being updated to the latest security next branch. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Acked-by: John Johansen <john.johansen@canonical.com> Acked-by: Paul Moore <paul@paul-moore.com> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: James Morris <james.l.morris@oracle.com>

commit: d69dece5f5b6bc7a5e39d2b6136ddc69469331fe [log] [tgz]
author: Casey Schaufler <casey@schaufler-ca.com> Wed Jan 18 17:09:05 2017 -0800
committer: James Morris <james.l.morris@oracle.com> Thu Jan 19 13:18:29 2017 +1100
tree: b4c23177baf246a1f64b83442fc3359cbc0d8f38
parent: 3ccb76c5dfe0d25c1d0168d5b726d0b43d19a485 [diff] [blame]
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index c7c6619..fdc24ea 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c

@@ -6349,7 +6349,7 @@ static __init int selinux_init(void)
 					    0, SLAB_PANIC, NULL);
 	avc_init();
 
-	security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks));
+	security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), "selinux");
 
 	if (avc_add_callback(selinux_netcache_avc_callback, AVC_CALLBACK_RESET))
 		panic("SELinux: Unable to register AVC netcache callback\n");
commit	d69dece5f5b6bc7a5e39d2b6136ddc69469331fe	[log] [tgz]
author	Casey Schaufler <casey@schaufler-ca.com>	Wed Jan 18 17:09:05 2017 -0800
committer	James Morris <james.l.morris@oracle.com>	Thu Jan 19 13:18:29 2017 +1100
tree	b4c23177baf246a1f64b83442fc3359cbc0d8f38
parent	3ccb76c5dfe0d25c1d0168d5b726d0b43d19a485 [diff] [blame]