While working on backporting the fix for CVE-2021-39686 in the Android-"version" of the 4.4.y kernel I noticed the missing cred_getsecid hook introduced in e.g. 4.19.y by 3ec30113264a7bcd389f51d1738e42da0f41bb5a ( https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git/commit/?h=linux-4.19.y&id=3ec30113264a7bcd389f51d1738e42da0f41bb5a )

It seems the LSM security_* hooks haven't received updates for a while in this kernel. E.g. a source of error due to missed list HEAD init is due to 0302e28dee643932ee7b3c112ebccdbb9f8ec32c ( https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git/commit/?h=linux-4.19.y&id=0302e28dee643932ee7b3c112ebccdbb9f8ec32c ) merging in 3dfc9b02864b19f4dab376f14479ee4ad1de6c9e ( https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git/commit/security/security.c?h=linux-4.19.y&id=3dfc9b02864b19f4dab376f14479ee4ad1de6c9e ) which makes the HEAD initialization shorter and more reliable but trying to get that commit in results in quite a bit of merge conflicts as hooks have been added/removed in 4.19 which is not yet in 4.4.

Anyway: Are there any plans to synchronize the hooks in 4.4 with those in more recent kernels?

Regards,
Alexander