From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751168AbdEaUut (ORCPT ); Wed, 31 May 2017 16:50:49 -0400 Received: from lhrrgout.huawei.com ([194.213.3.17]:27919 "EHLO lhrrgout.huawei.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750952AbdEaUur (ORCPT ); Wed, 31 May 2017 16:50:47 -0400 Subject: Re: [PATCH v2] LSM: Convert security_hook_heads into explicit array of struct list_head To: James Morris , Tetsuo Handa CC: , , , Casey Schaufler , Christoph Hellwig , James Morris , Kees Cook , Paul Moore , Stephen Smalley References: <1495883858-3336-1-git-send-email-penguin-kernel@I-love.SAKURA.ne.jp> <1496003387-3184-1-git-send-email-penguin-kernel@I-love.SAKURA.ne.jp> From: Igor Stoppa Message-ID: <27e537cc-1d1c-1a48-d3fd-a04921f7b620@huawei.com> Date: Wed, 31 May 2017 23:49:34 +0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="utf-8" Content-Language: en-US Content-Transfer-Encoding: 7bit X-Originating-IP: [10.122.225.51] X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020201.592F2CA1.0023,ss=1,re=0.000,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0, ip=0.0.0.0, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 10ea71e3c59bf37bb39a4ba5a5d13a05 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 30/05/17 13:32, James Morris wrote: > This seems like pointless churn in security-critical code in anticipation > of features which are still in development and may not be adopted. > > Is there a compelling reason to merge this now? (And I don't mean worrying > about non-existent compliers). I propose to take this patch as part of those I will be submitting. It took me some unplanned time to add support for hardened user copy, but now it's done - at least to a point that I can test it without failures. So I'm back on track to provide an example of the smalloc api and I can also use Tetsuo's work (thanks again, btw). This patch would be sandwiched between the smalloc ones and the LSM rework. It can get merged when the rest (hopefully) is merged. But I have a more prosaic question: since smalloc is affecting the memory subsystem, can it still be merged through the security tree? --- thanks, igor From mboxrd@z Thu Jan 1 00:00:00 1970 From: igor.stoppa@huawei.com (Igor Stoppa) Date: Wed, 31 May 2017 23:49:34 +0300 Subject: [PATCH v2] LSM: Convert security_hook_heads into explicit array of struct list_head In-Reply-To: References: <1495883858-3336-1-git-send-email-penguin-kernel@I-love.SAKURA.ne.jp> <1496003387-3184-1-git-send-email-penguin-kernel@I-love.SAKURA.ne.jp> Message-ID: <27e537cc-1d1c-1a48-d3fd-a04921f7b620@huawei.com> To: linux-security-module@vger.kernel.org List-Id: linux-security-module.vger.kernel.org On 30/05/17 13:32, James Morris wrote: > This seems like pointless churn in security-critical code in anticipation > of features which are still in development and may not be adopted. > > Is there a compelling reason to merge this now? (And I don't mean worrying > about non-existent compliers). I propose to take this patch as part of those I will be submitting. It took me some unplanned time to add support for hardened user copy, but now it's done - at least to a point that I can test it without failures. So I'm back on track to provide an example of the smalloc api and I can also use Tetsuo's work (thanks again, btw). This patch would be sandwiched between the smalloc ones and the LSM rework. It can get merged when the rest (hopefully) is merged. But I have a more prosaic question: since smalloc is affecting the memory subsystem, can it still be merged through the security tree? --- thanks, igor -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo at vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html From mboxrd@z Thu Jan 1 00:00:00 1970 References: <1495883858-3336-1-git-send-email-penguin-kernel@I-love.SAKURA.ne.jp> <1496003387-3184-1-git-send-email-penguin-kernel@I-love.SAKURA.ne.jp> From: Igor Stoppa Message-ID: <27e537cc-1d1c-1a48-d3fd-a04921f7b620@huawei.com> Date: Wed, 31 May 2017 23:49:34 +0300 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Subject: [kernel-hardening] Re: [PATCH v2] LSM: Convert security_hook_heads into explicit array of struct list_head To: James Morris , Tetsuo Handa Cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com, Casey Schaufler , Christoph Hellwig , James Morris , Kees Cook , Paul Moore , Stephen Smalley List-ID: On 30/05/17 13:32, James Morris wrote: > This seems like pointless churn in security-critical code in anticipation > of features which are still in development and may not be adopted. > > Is there a compelling reason to merge this now? (And I don't mean worrying > about non-existent compliers). I propose to take this patch as part of those I will be submitting. It took me some unplanned time to add support for hardened user copy, but now it's done - at least to a point that I can test it without failures. So I'm back on track to provide an example of the smalloc api and I can also use Tetsuo's work (thanks again, btw). This patch would be sandwiched between the smalloc ones and the LSM rework. It can get merged when the rest (hopefully) is merged. But I have a more prosaic question: since smalloc is affecting the memory subsystem, can it still be merged through the security tree? --- thanks, igor