linux-man.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: "Michael Kerrisk (man-pages)" <mtk.manpages@gmail.com>
To: Heinrich Schuchardt <xypron.glpk@gmx.de>,
	Matthew Garrett <mjg59@google.com>
Cc: mtk.manpages@gmail.com, linux-man <linux-man@vger.kernel.org>,
	Ard Biesheuvel <ardb@kernel.org>,
	David Howells <dhowells@redhat.com>
Subject: Re: man kernel_lockdown.7
Date: Fri, 16 Oct 2020 08:43:51 +0200	[thread overview]
Message-ID: <7b9485d9-e286-a61e-63b6-15459dfc1f17@gmail.com> (raw)
In-Reply-To: <8831670f-1e25-d05b-02ab-c370e35a4143@gmx.de>

Hi Heinrich!

On 10/14/20 6:51 PM, Heinrich Schuchardt wrote:
> Hello Matthew,
> 
> With commit 000d388ed3bbed ("security: Add a static lockdown policy
> LSM") you added the following line to security/lockdown/lockdown.c:
> 
> pr_notice("Kernel is locked down from %s; see man kernel_lockdown.7\n"

This feature was in limbo for a very long time, but now I see that
it was finally merged last year:

  commit 000d388ed3bbed745f366ce71b2bb7c2ee70f449
  Author: Matthew Garrett <matthewgarrett@google.com>
  Date:   Mon Aug 19 17:17:39 2019 -0700

      security: Add a static lockdown policy LSM

I missed that that had been merged.

> The manpage is not available on
> 
> https://git.kernel.org/pub/scm/docs/man-pages/man-pages.git.
> 
> I found a rather outdated draft by David here:
> 
> https://lwn.net/Articles/735564/

I see that my Fedora system has a slightly different version
of that page (obviously added a Fedora patch). I'm not sure
which is more up to date; probably the Fedora page.

> Is anybody working on it?

Not so far. I suppose the simple thing would be to just merge
the page that exists on Fedora. But I've no idea how much it
needs tobe updated to reflect reality. Perhaps someone in CC
can comment. Do you have any time to drive this along?

Thanks,

Michael


-- 
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/

  reply	other threads:[~2020-10-16  6:43 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-10-14 16:51 man kernel_lockdown.7 Heinrich Schuchardt
2020-10-16  6:43 ` Michael Kerrisk (man-pages) [this message]
2020-10-16 11:28   ` [PATCH 1/1] kernel_lockdown.7: new file Heinrich Schuchardt
2020-10-16 11:40     ` Heinrich Schuchardt
2020-10-16 16:11       ` Michael Kerrisk (man-pages)
2020-10-16 16:09     ` Michael Kerrisk (man-pages)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=7b9485d9-e286-a61e-63b6-15459dfc1f17@gmail.com \
    --to=mtk.manpages@gmail.com \
    --cc=ardb@kernel.org \
    --cc=dhowells@redhat.com \
    --cc=linux-man@vger.kernel.org \
    --cc=mjg59@google.com \
    --cc=xypron.glpk@gmx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).