kernel-aes67/security
Ahmed S. Darwish 076c54c5bc Security: Introduce security= boot parameter
Add the security= boot parameter. This is done to avoid LSM
registration clashes in case of more than one bult-in module.

User can choose a security module to enable at boot. If no
security= boot parameter is specified, only the first LSM
asking for registration will be loaded. An invalid security
module name will be treated as if no module has been chosen.

LSM modules must check now if they are allowed to register
by calling security_module_enable(ops) first. Modify SELinux
and SMACK to do so.

Do not let SMACK register smackfs if it was not chosen on
boot. Smackfs assumes that smack hooks are registered and
the initial task security setup (swapper->security) is done.

Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
Acked-by: James Morris <jmorris@namei.org>
2008-04-19 10:00:51 +10:00
..
keys security: replace remaining __FUNCTION__ occurrences 2008-04-18 20:26:07 +10:00
selinux Security: Introduce security= boot parameter 2008-04-19 10:00:51 +10:00
smack Security: Introduce security= boot parameter 2008-04-19 10:00:51 +10:00
capability.c file capabilities: remove cap_task_kill() 2008-03-20 09:46:36 -07:00
commoncap.c security: replace remaining __FUNCTION__ occurrences 2008-04-18 20:26:07 +10:00
dummy.c Security: Introduce security= boot parameter 2008-04-19 10:00:51 +10:00
inode.c Kobject: convert remaining kobject_unregister() to kobject_put() 2008-01-24 20:40:40 -08:00
Kconfig security: enhance DEFAULT_MMAP_MIN_ADDR description 2008-04-18 20:26:18 +10:00
Makefile Smack: Simplified Mandatory Access Control Kernel 2008-02-05 09:44:20 -08:00
root_plug.c security: replace remaining __FUNCTION__ occurrences 2008-04-18 20:26:07 +10:00
security.c Security: Introduce security= boot parameter 2008-04-19 10:00:51 +10:00