From patchwork Tue Jan 29 18:54:24 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Micah Morton <mortonm@chromium.org>
X-Patchwork-Id: 10787017
Return-Path: <linux-security-module-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
 [172.30.200.125])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 4B17013B4
	for <patchwork-linux-security-module@patchwork.kernel.org>;
 Tue, 29 Jan 2019 18:54:31 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 38AD72CC93
	for <patchwork-linux-security-module@patchwork.kernel.org>;
 Tue, 29 Jan 2019 18:54:31 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 2D32A2CD1D; Tue, 29 Jan 2019 18:54:31 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-7.0 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D5B292CC93
	for <patchwork-linux-security-module@patchwork.kernel.org>;
 Tue, 29 Jan 2019 18:54:30 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729225AbfA2Sya (ORCPT
        <rfc822;patchwork-linux-security-module@patchwork.kernel.org>);
        Tue, 29 Jan 2019 13:54:30 -0500
Received: from mail-yw1-f72.google.com ([209.85.161.72]:56600 "EHLO
        mail-yw1-f72.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726852AbfA2Sy3 (ORCPT
        <rfc822;linux-security-module@vger.kernel.org>);
        Tue, 29 Jan 2019 13:54:29 -0500
Received: by mail-yw1-f72.google.com with SMTP id t17so11762378ywc.23
        for <linux-security-module@vger.kernel.org>;
 Tue, 29 Jan 2019 10:54:29 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=chromium.org; s=google;
        h=date:in-reply-to:message-id:mime-version:references:subject:from:to
         :cc;
        bh=G0epUqFu3AmCTsfTCZBWyuwLgZxvATnBae8HP0ixIfc=;
        b=MlUozkQMHxb5n/jPhkS4DTcTd4VsaPbttFo5x9eWIG8pksOUrzuTaW5m3iXV/mtKf/
         Y+9hTZdImQ2UdWUsejIhnp0zgbQ/Kp6z55CLpGu4Qc9zI+8hQXt7d9EgBJBfGmLDdRrV
         5jqbFq7ZYI3mp9uzYqL/v3dhYRegKkXLCNxvE=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:in-reply-to:message-id:mime-version
         :references:subject:from:to:cc;
        bh=G0epUqFu3AmCTsfTCZBWyuwLgZxvATnBae8HP0ixIfc=;
        b=AhsS32z5aUBoJkaBZULOU+MS/K2mOKTr6ddybIpvmBmNlVDglBODUQtBa1LAyY9fmO
         RjIWlT5StjqdKa14aoe3LHsX6Eww4tgROf3iQEGbL/KcGxEE1l1QLFVhGWw6tYL0XOzr
         amTp/lYwHi/vnmyP/4DLvVTIDDYar8UY6kmXpy+6+605iCSn7akbbRB5F2GVJxd6owZh
         a6L3jZKQkiRHYyedtTBUXNuUAi7EAcZEGoupHK9fAZ2TmH1A2A4X4e50zVARG9L0+W12
         h4J77KE+zEzt+CPmrh5NhhlJwmMqlSJxP2/y+J6jbfX7JyGN4i+MUUbSHcCrAAIutoJM
         CRiA==
X-Gm-Message-State: AHQUAuZ4a0J+IRpKc8MJGoBCWxE0bWoKkd6reGZ+jsDoEPo4j8XXWBr+
        Ef+QO9j96oQn74asvff7m5DJWvS2+MJnxkBL
X-Google-Smtp-Source: 
 AHgI3IYuvkCaYCMYauiy4MF48g2nOFC0MFUTa63C0CTHb56BRwsat5DJrrNduvdch+8ZPCiFAxixBi2AOH0e66LH
X-Received: by 2002:a25:ca11:: with SMTP id a17mr2633199ybg.43.1548788068983;
 Tue, 29 Jan 2019 10:54:28 -0800 (PST)
Date: Tue, 29 Jan 2019 10:54:24 -0800
In-Reply-To: 
 <CAJ-EccMgDvx81g-XgWymdYn_G5Ou8mgbef3GUbx-C_Ai5qF-pQ@mail.gmail.com>
Message-Id: <20190129185424.251139-1-mortonm@chromium.org>
Mime-Version: 1.0
References: 
 <CAJ-EccMgDvx81g-XgWymdYn_G5Ou8mgbef3GUbx-C_Ai5qF-pQ@mail.gmail.com>
X-Mailer: git-send-email 2.20.1.495.gaa96b0ce6b-goog
Subject: [PATCH] LSM: SafeSetID: 'depend' on CONFIG_SECURITY
From: mortonm@chromium.org
To: rdunlap@infradead.org, sfr@canb.auug.org.au,
        linux-next@vger.kernel.org, linux-kernel@vger.kernel.org,
        linux-security-module@vger.kernel.org
Cc: Micah Morton <mortonm@chromium.org>
Sender: owner-linux-security-module@vger.kernel.org
Precedence: bulk
List-ID: <linux-security-module.vger.kernel.org>
X-Virus-Scanned: ClamAV using ClamSMTP

From: Micah Morton <mortonm@chromium.org>

This patch changes the Kconfig file for the SafeSetID LSM to depend on
CONFIG_SECURITY as well as select CONFIG_SECURITYFS, since the policies
for the LSM are configured through writing to securityfs.

Signed-off-by: Micah Morton <mortonm@chromium.org>
---
 security/safesetid/Kconfig | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/security/safesetid/Kconfig b/security/safesetid/Kconfig
index bf89a47ffcc8..4f415c4e3f93 100644
--- a/security/safesetid/Kconfig
+++ b/security/safesetid/Kconfig
@@ -1,5 +1,7 @@
 config SECURITY_SAFESETID
         bool "Gate setid transitions to limit CAP_SET{U/G}ID capabilities"
+        depends on SECURITY
+        select SECURITYFS
         default n
         help
           SafeSetID is an LSM module that gates the setid family of syscalls to