From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.8 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id CC13FC433E0 for ; Tue, 9 Jun 2020 20:06:50 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id B363F20734 for ; Tue, 9 Jun 2020 20:06:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732939AbgFIUGs (ORCPT ); Tue, 9 Jun 2020 16:06:48 -0400 Received: from out03.mta.xmission.com ([166.70.13.233]:43362 "EHLO out03.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731802AbgFIUGs (ORCPT ); Tue, 9 Jun 2020 16:06:48 -0400 Received: from in02.mta.xmission.com ([166.70.13.52]) by out03.mta.xmission.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1jikW5-0006JY-D5; Tue, 09 Jun 2020 14:06:37 -0600 Received: from ip68-227-160-95.om.om.cox.net ([68.227.160.95] helo=x220.xmission.com) by in02.mta.xmission.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.87) (envelope-from ) id 1jikW4-0000aA-OL; Tue, 09 Jun 2020 14:06:37 -0600 From: ebiederm@xmission.com (Eric W. Biederman) To: Alexei Starovoitov Cc: Tetsuo Handa , Linus Torvalds , Kees Cook , Andrew Morton , Alexei Starovoitov , David Miller , Al Viro , bpf , linux-fsdevel , Daniel Borkmann , Jakub Kicinski , Masahiro Yamada , Gary Lin , Bruno Meneguele References: <20200329005528.xeKtdz2A0%akpm@linux-foundation.org> <13fb3ab7-9ab1-b25f-52f2-40a6ca5655e1@i-love.sakura.ne.jp> <202006051903.C44988B@keescook> <875zc4c86z.fsf_-_@x220.int.ebiederm.org> <20200606201956.rvfanoqkevjcptfl@ast-mbp> <20200607014935.vhd3scr4qmawq7no@ast-mbp> <33cf7a57-0afa-9bb9-f831-61cca6c19eba@i-love.sakura.ne.jp> <20200608162306.iu35p4xoa2kcp3bu@ast-mbp.dhcp.thefacebook.com> Date: Tue, 09 Jun 2020 15:02:30 -0500 In-Reply-To: <20200608162306.iu35p4xoa2kcp3bu@ast-mbp.dhcp.thefacebook.com> (Alexei Starovoitov's message of "Mon, 8 Jun 2020 09:23:06 -0700") Message-ID: <87r1uo2ejt.fsf@x220.int.ebiederm.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-XM-SPF: eid=1jikW4-0000aA-OL;;;mid=<87r1uo2ejt.fsf@x220.int.ebiederm.org>;;;hst=in02.mta.xmission.com;;;ip=68.227.160.95;;;frm=ebiederm@xmission.com;;;spf=neutral X-XM-AID: U2FsdGVkX19gQTaRjO4Mx1juX3WAXHvndJoAGFsdmro= X-SA-Exim-Connect-IP: 68.227.160.95 X-SA-Exim-Mail-From: ebiederm@xmission.com Subject: Re: [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained X-SA-Exim-Version: 4.2.1 (built Thu, 05 May 2016 13:38:54 -0600) X-SA-Exim-Scanned: Yes (on in02.mta.xmission.com) Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org Alexei Starovoitov writes: > bpf_lsm is that thing that needs to load and start acting early. > It's somewhat chicken and egg. fork_usermode_blob() will start a process > that will load and apply security policy to all further forks and > execs. What is the timeframe for bpf_lsm patches wanting to use fork_usermode_blob()? Are we possibly looking at something that will be ready for the next merge window? Eric