From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-ua1-f67.google.com ([209.85.222.67]:37351 "EHLO mail-ua1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728239AbeIPXJa (ORCPT ); Sun, 16 Sep 2018 19:09:30 -0400 MIME-Version: 1.0 References: <3cd46663-e566-5ffc-32a4-00a90cd1346e@schaufler-ca.com> In-Reply-To: <3cd46663-e566-5ffc-32a4-00a90cd1346e@schaufler-ca.com> From: Salvatore Mesoraca Date: Sun, 16 Sep 2018 19:45:38 +0200 Message-ID: Subject: Re: [PATCH v2 00/10] LSM: Module stacking in support of S.A.R.A and Landlock To: casey@schaufler-ca.com Cc: James Morris , mic@digikod.net, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, selinux@tycho.nsa.gov, john.johansen@canonical.com, keescook@chromium.org, penguin-kernel@i-love.sakura.ne.jp, paul@paul-moore.com, sds@tycho.nsa.gov, linux-fsdevel@vger.kernel.org, adobriyan@gmail.com, casey.schaufler@intel.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Sender: linux-fsdevel-owner@vger.kernel.org List-ID: Casey Schaufler wrote: > > On 9/16/2018 9:54 AM, Salvatore Mesoraca wrote: > > On Wed, 12 Sep 2018, James Morris wrote: > >> Adding the SARA and LandLock authors for review & comment. > >> > >> Salvatore & Micka=C3=ABl: does this patchset meet your needs for mergi= ng to > >> mainline? > > Since the last time I submitted the patch to the ML, it grew a bit: now= it needs > > inode's blob stacking (which is already included for Landlock) and > > kern_ipc_perm's > > blob stacking. > > The last one isn't implemented in this patchset, but it isn't > > absolutely necessary. > > I can merge a version of SARA that doesn't need it and than update it > > when possible. > > I can provide the same level of protection without using kern_ipc_perm > > blob, I'm using it > > just to minimize some potential side effects. > > Adding kern_ipc_perm is easy. As it looks like there will need to be > a few revisions I will add it to the next set. Great! Thank you very much!