config SECURITY_CHROMIUMOS
	bool "Chromium OS Security Module"
	depends on SECURITY
	depends on X86_64 || ARM64
	help
	  The purpose of the Chromium OS security module is to reduce the
	  attack surface by preventing access to general purpose access modes
	  not required by Chromium OS. Currently: the mount operation is
	  restricted by requiring a mount point path without symbolic links,
	  and loading modules is limited to only the root filesystem. This
	  LSM is stacked ahead of any primary "full" LSM.

config SECURITY_CHROMIUMOS_NO_SYMLINK_MOUNT
	bool "Chromium OS Security: prohibit mount to symlinked target"
	depends on SECURITY_CHROMIUMOS
	default y
	help
	  When enabled, the mount() syscall will return ELOOP whenever the
	  target path contains any symlinks.

config SECURITY_CHROMIUMOS_NO_UNPRIVILEGED_UNSAFE_MOUNTS
	bool "Chromium OS Security: prohibit unsafe mounts in unprivileged user namespaces"
	depends on SECURITY_CHROMIUMOS
	default y
	help
	  When enabled, the mount() syscall will return EPERM whenever a new
	  mount is attempted that would cause the filesystem to have the exec,
	  suid, or dev flags if the caller does not have the CAP_SYS_ADMIN
	  capability in the init namespace.