[apparmor] [PATCH bpf-next v4 11/20] bpf, lsm: Add disabled BPF LSM hook list
Xu Kuohai
xukuohai at huaweicloud.com
Sat Jul 13 08:11:08 UTC 2024
On 7/13/2024 1:56 AM, Alexei Starovoitov wrote:
> On Thu, Jul 11, 2024 at 07:18:59PM +0800, Xu Kuohai wrote:
>> From: Xu Kuohai <xukuohai at huawei.com>
>>
>> Add a disabled hooks list for BPF LSM. progs being attached to the
>> listed hooks will be rejected by the verifier.
>>
>> Suggested-by: KP Singh <kpsingh at kernel.org>
>> Signed-off-by: Xu Kuohai <xukuohai at huawei.com>
>
> Xu,
>
> The patches 11 and higher are mostly independent from lsm refactoring.
> Please send them as a separate patchset for bpf-next.
> While lsm cleanups are being reviewed this lsm_disabled list can be
> a bit larger temporarily.
>
It's great to separate patches unrelated to bpf by temporarily extending
the lsm disabled list. I'll post an update. Thanks!
More information about the AppArmor
mailing list