[apparmor] [PATCH bpf-next v4 11/20] bpf, lsm: Add disabled BPF LSM hook list
Alexei Starovoitov
alexei.starovoitov at gmail.com
Fri Jul 12 17:56:41 UTC 2024
On Thu, Jul 11, 2024 at 07:18:59PM +0800, Xu Kuohai wrote:
> From: Xu Kuohai <xukuohai at huawei.com>
>
> Add a disabled hooks list for BPF LSM. progs being attached to the
> listed hooks will be rejected by the verifier.
>
> Suggested-by: KP Singh <kpsingh at kernel.org>
> Signed-off-by: Xu Kuohai <xukuohai at huawei.com>
Xu,
The patches 11 and higher are mostly independent from lsm refactoring.
Please send them as a separate patchset for bpf-next.
While lsm cleanups are being reviewed this lsm_disabled list can be
a bit larger temporarily.
More information about the AppArmor
mailing list