[$] Adding system calls for Linux security modules

The Linux security module (LSM) subsystem has long had limitations onwhich modules could be combined in a given running kernel. Some parts ofthe problem have been solved over the years-"smaller" LSMs can be combinedat will with a single, more complex LSM-but combining (or "stacking")SELinux with, say, Smack or AppArmor has never been possible. Back inOctober, we looked at the most recentattempt to add that ability, which resulted in patches to add two new systemcalls for LSM. By the end of December, the number of new system calls hadrisen to three.