Evolution-X-Devices/kernel_xiaomi_mt6781
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bka
kernel_xiaomi_mt6781/security/lockdown/Makefile
Matthew Garrett 8c78ffcbaf BACKPORT: security: Add a static lockdown policy LSM 
While existing LSMs can be extended to handle lockdown policy,
distributions generally want to be able to apply a straightforward
static policy. This patch adds a simple LSM that can be configured to
reject either integrity or all lockdown queries, and can be configured
at runtime (through securityfs), boot time (via a kernel parameter) or
build time (via a kconfig option). Based on initial code by David
Howells.

Change-Id: I8d5769f550ee98d0482202aca9b7f1ade0c0d5a4
Signed-off-by: Matthew Garrett <mjg59@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Cc: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
2025-09-20 03:23:10 +01:00

2 lines
50 B
Makefile
Raw Permalink Blame History

obj-$(CONFIG_SECURITY_LOCKDOWN_LSM) += lockdown.o
Reference in New Issue View Git Blame Copy Permalink