user/sven/linux.git/security/loadpin/Kconfig, branch v4.20

LoadPin: Rename boot param "enabled" to "enforce"

2018-10-18T22:29:44Z

LoadPin's "enabled" setting is really about enforcement, not whether or not the LSM is using LSM hooks. Instead, split this out so that LSM enabling can be logically distinct from whether enforcement is happening (for example, the pinning happens when the LSM is enabled, but the pin is only checked when "enforce" is set). This allows LoadPin to continue to operate sanely in test environments once LSM enable/disable is centrally handled (i.e. we want LoadPin to be enabled separately from its enforcement). Signed-off-by: Kees Cook Reviewed-by: Casey Schaufler Reviewed-by: John Johansen

LSM: LoadPin: provide enablement CONFIG

2016-05-17T10:10:30Z

Instead of being enabled by default when SECURITY_LOADPIN is selected, provide an additional (default off) config to determine the boot time behavior. As before, the "loadpin.enabled=0/1" kernel parameter remains available. Suggested-by: James Morris Signed-off-by: Kees Cook Signed-off-by: James Morris

LSM: LoadPin for kernel file loading restrictions

2016-04-21T00:47:27Z

This LSM enforces that kernel-loaded files (modules, firmware, etc) must all come from the same filesystem, with the expectation that such a filesystem is backed by a read-only device such as dm-verity or CDROM. This allows systems that have a verified and/or unchangeable filesystem to enforce module and firmware loading restrictions without needing to sign the files individually. Signed-off-by: Kees Cook Acked-by: Serge Hallyn Signed-off-by: James Morris