diff options
author | Kees Cook <keescook@chromium.org> | 2017-05-13 13:51:43 +0200 |
---|---|---|
committer | Jonathan Corbet <corbet@lwn.net> | 2017-05-18 18:31:24 +0200 |
commit | 504f231cda569b5e4e48d81a35376641552a5092 (patch) | |
tree | 13d929f787804f6181b65df225e74d70ff1e9e22 /Documentation/admin-guide/LSM | |
parent | doc: security: minor cleanups to build kernel-doc (diff) | |
download | linux-504f231cda569b5e4e48d81a35376641552a5092.tar.xz linux-504f231cda569b5e4e48d81a35376641552a5092.zip |
doc: ReSTify and split LSM.txt
The existing LSM.txt file covered both usage and development, so split
this into two files, one under admin-guide and one under kernel
development.
Cc: James Morris <james.l.morris@oracle.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Diffstat (limited to 'Documentation/admin-guide/LSM')
-rw-r--r-- | Documentation/admin-guide/LSM/index.rst | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/Documentation/admin-guide/LSM/index.rst b/Documentation/admin-guide/LSM/index.rst new file mode 100644 index 000000000000..7e892b9b58aa --- /dev/null +++ b/Documentation/admin-guide/LSM/index.rst @@ -0,0 +1,31 @@ +=========================== +Linux Security Module Usage +=========================== + +The Linux Security Module (LSM) framework provides a mechanism for +various security checks to be hooked by new kernel extensions. The name +"module" is a bit of a misnomer since these extensions are not actually +loadable kernel modules. Instead, they are selectable at build-time via +CONFIG_DEFAULT_SECURITY and can be overridden at boot-time via the +``"security=..."`` kernel command line argument, in the case where multiple +LSMs were built into a given kernel. + +The primary users of the LSM interface are Mandatory Access Control +(MAC) extensions which provide a comprehensive security policy. Examples +include SELinux, Smack, Tomoyo, and AppArmor. In addition to the larger +MAC extensions, other extensions can be built using the LSM to provide +specific changes to system operation when these tweaks are not available +in the core functionality of Linux itself. + +Without a specific LSM built into the kernel, the default LSM will be the +Linux capabilities system. Most LSMs choose to extend the capabilities +system, building their checks on top of the defined capability hooks. +For more details on capabilities, see ``capabilities(7)`` in the Linux +man-pages project. + +A list of the active security modules can be found by reading +``/sys/kernel/security/lsm``. This is a comma separated list, and +will always include the capability module. The list reflects the +order in which checks are made. The capability module will always +be first, followed by any "minor" modules (e.g. Yama) and then +the one "major" module (e.g. SELinux) if there is one configured. |