tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag 'lsm-pr-20260202' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm

Pull lsm fix from Paul Moore:
"A small patch to address a regression found in the v6.19-rcX releases
where the /proc/sys/vm/mmap_min_addr tunable disappeared when
CONFIG_SECURITY was not selected.

Long term we plan to work with the MM folks to get the core parts of
this moved over to the MM subsystem, but in the meantime we need to
fix this regression prior to the v6.19 release"

* tag 'lsm-pr-20260202' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm:
lsm: preserve /proc/sys/vm/mmap_min_addr when !CONFIG_SECURITY

Linus Torvalds dee65f79 18f7fcd5

+3 -18
-9
security/lsm.h
··· 37 37 38 38 /* LSM framework initializers */ 39 39 40 - #ifdef CONFIG_MMU 41 - int min_addr_init(void); 42 - #else 43 - static inline int min_addr_init(void) 44 - { 45 - return 0; 46 - } 47 - #endif /* CONFIG_MMU */ 48 - 49 40 #ifdef CONFIG_SECURITYFS 50 41 int securityfs_init(void); 51 42 #else
+1 -6
security/lsm_init.c
··· 489 489 */ 490 490 static int __init security_initcall_pure(void) 491 491 { 492 - int rc_adr, rc_lsm; 493 - 494 - rc_adr = min_addr_init(); 495 - rc_lsm = lsm_initcall(pure); 496 - 497 - return (rc_adr ? rc_adr : rc_lsm); 492 + return lsm_initcall(pure); 498 493 } 499 494 pure_initcall(security_initcall_pure); 500 495
+2 -3
security/min_addr.c
··· 5 5 #include <linux/sysctl.h> 6 6 #include <linux/minmax.h> 7 7 8 - #include "lsm.h" 9 - 10 8 /* amount of vm to protect from userspace access by both DAC and the LSM*/ 11 9 unsigned long mmap_min_addr; 12 10 /* amount of vm to protect from userspace using CAP_SYS_RAWIO (DAC) */ ··· 52 54 }, 53 55 }; 54 56 55 - int __init min_addr_init(void) 57 + static int __init mmap_min_addr_init(void) 56 58 { 57 59 register_sysctl_init("vm", min_addr_sysctl_table); 58 60 update_mmap_min_addr(); 59 61 60 62 return 0; 61 63 } 64 + pure_initcall(mmap_min_addr_init);