From: Casey Schaufler <casey@schaufler-ca.com>
To: casey.schaufler@intel.com, jmorris@namei.org,
linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Cc: casey@schaufler-ca.com
Subject: [PATCH 50/90] fs: remove lsm_context scaffolding
Date: Thu, 18 Apr 2019 17:45:37 -0700 [thread overview]
Message-ID: <20190419004617.64627-51-casey@schaufler-ca.com> (raw)
In-Reply-To: <20190419004617.64627-1-casey@schaufler-ca.com>
The conversion from secctx/seclen pairs to the lsm_context
structure used scaffolding in kernfs and nfs. Replace the
secctx/seclen pairs in the filesystem local datastructures
with a lsm_context.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
---
fs/kernfs/dir.c | 9 +++------
fs/kernfs/inode.c | 13 +++++--------
fs/kernfs/kernfs-internal.h | 3 +--
fs/nfs/inode.c | 15 ++++++---------
fs/nfs/internal.h | 8 ++++----
fs/nfs/nfs4proc.c | 27 +++++++++++----------------
fs/nfs/nfs4xdr.c | 16 +++++++++-------
include/linux/nfs4.h | 8 ++++----
8 files changed, 43 insertions(+), 56 deletions(-)
diff --git a/fs/kernfs/dir.c b/fs/kernfs/dir.c
index 11672c075a8b..48506e856573 100644
--- a/fs/kernfs/dir.c
+++ b/fs/kernfs/dir.c
@@ -532,12 +532,9 @@ void kernfs_put(struct kernfs_node *kn)
kfree_const(kn->name);
if (kn->iattr) {
- if (kn->iattr->ia_secdata) {
- struct lsm_context lc; /* Scaffolding -Casey */
- lc.context = kn->iattr->ia_secdata;
- lc.len = kn->iattr->ia_secdata_len;
- security_release_secctx(&lc);
- }
+ if (kn->iattr->ia_context.context)
+ security_release_secctx(
+ &kn->iattr->ia_context);
simple_xattrs_free(&kn->iattr->xattrs);
kmem_cache_free(kernfs_iattrs_cache, kn->iattr);
}
diff --git a/fs/kernfs/inode.c b/fs/kernfs/inode.c
index 45781f0da80f..4c7da446d210 100644
--- a/fs/kernfs/inode.c
+++ b/fs/kernfs/inode.c
@@ -141,11 +141,11 @@ static int kernfs_node_setsecdata(struct kernfs_iattrs *attrs, void **secdata,
void *old_secdata;
size_t old_secdata_len;
- old_secdata = attrs->ia_secdata;
- old_secdata_len = attrs->ia_secdata_len;
+ old_secdata = attrs->ia_context.context;
+ old_secdata_len = attrs->ia_context.len;
- attrs->ia_secdata = *secdata;
- attrs->ia_secdata_len = *secdata_len;
+ attrs->ia_context.context = *secdata;
+ attrs->ia_context.len = *secdata_len;
*secdata = old_secdata;
*secdata_len = old_secdata_len;
@@ -184,7 +184,6 @@ static inline void set_inode_attr(struct inode *inode, struct iattr *iattr)
static void kernfs_refresh_inode(struct kernfs_node *kn, struct inode *inode)
{
struct kernfs_iattrs *attrs = kn->iattr;
- struct lsm_context lc; /* Scaffolding -Casey */
inode->i_mode = kn->mode;
if (attrs) {
@@ -193,9 +192,7 @@ static void kernfs_refresh_inode(struct kernfs_node *kn, struct inode *inode)
* persistent copy in kernfs_node.
*/
set_inode_attr(inode, &attrs->ia_iattr);
- lc.context = attrs->ia_secdata;
- lc.len = attrs->ia_secdata_len;
- security_inode_notifysecctx(inode, &lc);
+ security_inode_notifysecctx(inode, &attrs->ia_context);
}
if (kernfs_type(kn) == KERNFS_DIR)
diff --git a/fs/kernfs/kernfs-internal.h b/fs/kernfs/kernfs-internal.h
index 0b7d197a904c..2a870795bb3e 100644
--- a/fs/kernfs/kernfs-internal.h
+++ b/fs/kernfs/kernfs-internal.h
@@ -21,8 +21,7 @@
struct kernfs_iattrs {
struct iattr ia_iattr;
- void *ia_secdata;
- u32 ia_secdata_len;
+ struct lsm_context ia_context;
struct simple_xattrs xattrs;
};
diff --git a/fs/nfs/inode.c b/fs/nfs/inode.c
index 8d0be9767b14..a9a3ec40a90c 100644
--- a/fs/nfs/inode.c
+++ b/fs/nfs/inode.c
@@ -340,22 +340,19 @@ static void nfs_clear_label_invalid(struct inode *inode)
void nfs_setsecurity(struct inode *inode, struct nfs_fattr *fattr,
struct nfs4_label *label)
{
- struct lsm_context lc; /* Scaffolding -Casey */
int error;
if (label == NULL)
return;
if ((fattr->valid & NFS_ATTR_FATTR_V4_SECURITY_LABEL) && inode->i_security) {
- lc.context = label->label;
- lc.len = label->len;
- error = security_inode_notifysecctx(inode, &lc);
+ error = security_inode_notifysecctx(inode, &label->context);
if (error)
printk(KERN_ERR "%s() %s %d "
"security_inode_notifysecctx() %d\n",
__func__,
- (char *)label->label,
- label->len, error);
+ label->context.context,
+ label->context.len, error);
nfs_clear_label_invalid(inode);
}
}
@@ -375,12 +372,12 @@ struct nfs4_label *nfs4_label_alloc(struct nfs_server *server, gfp_t flags)
if (label == NULL)
return ERR_PTR(-ENOMEM);
- label->label = kzalloc(NFS4_MAXLABELLEN, flags);
- if (label->label == NULL) {
+ label->context.context = kzalloc(NFS4_MAXLABELLEN, flags);
+ if (label->context.context == NULL) {
kfree(label);
return ERR_PTR(-ENOMEM);
}
- label->len = NFS4_MAXLABELLEN;
+ label->context.len = NFS4_MAXLABELLEN;
return label;
}
diff --git a/fs/nfs/internal.h b/fs/nfs/internal.h
index c7cf23ae6597..63de73024b5f 100644
--- a/fs/nfs/internal.h
+++ b/fs/nfs/internal.h
@@ -307,20 +307,20 @@ nfs4_label_copy(struct nfs4_label *dst, struct nfs4_label *src)
if (!dst || !src)
return NULL;
- if (src->len > NFS4_MAXLABELLEN)
+ if (src->context.len > NFS4_MAXLABELLEN)
return NULL;
dst->lfs = src->lfs;
dst->pi = src->pi;
- dst->len = src->len;
- memcpy(dst->label, src->label, src->len);
+ dst->context.len = src->context.len;
+ memcpy(dst->context.context, src->context.context, src->context.len);
return dst;
}
static inline void nfs4_label_free(struct nfs4_label *label)
{
if (label) {
- kfree(label->label);
+ kfree(label->context.context);
kfree(label);
}
return;
diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
index 8dee01eda643..b2480d0341f1 100644
--- a/fs/nfs/nfs4proc.c
+++ b/fs/nfs/nfs4proc.c
@@ -113,7 +113,6 @@ static inline struct nfs4_label *
nfs4_label_init_security(struct inode *dir, struct dentry *dentry,
struct iattr *sattr, struct nfs4_label *label)
{
- struct lsm_context lc; /* Scaffolding -Casey */
int err;
if (label == NULL)
@@ -123,9 +122,7 @@ nfs4_label_init_security(struct inode *dir, struct dentry *dentry,
return NULL;
err = security_dentry_init_security(dentry, sattr->ia_mode,
- &dentry->d_name, &lc);
- label->label = lc.context;
- label->len = lc.len;
+ &dentry->d_name, &label->context);
if (err == 0)
return label;
@@ -134,13 +131,8 @@ nfs4_label_init_security(struct inode *dir, struct dentry *dentry,
static inline void
nfs4_label_release_security(struct nfs4_label *label)
{
- struct lsm_context lc; /* Scaffolding -Casey */
-
- if (label) {
- lc.context = label->label;
- lc.len = label->len;
- security_release_secctx(&lc);
- }
+ if (label)
+ security_release_secctx(&label->context);
}
static inline u32 *nfs4_bitmask(struct nfs_server *server, struct nfs4_label *label)
{
@@ -3556,7 +3548,9 @@ nfs4_atomic_open(struct inode *dir, struct nfs_open_context *ctx,
int open_flags, struct iattr *attr, int *opened)
{
struct nfs4_state *state;
- struct nfs4_label l = {0, 0, 0, NULL}, *label = NULL;
+ struct nfs4_label *label = NULL;
+ struct nfs4_label l = {0, 0,
+ .context = { .context = NULL, .len = 0, }, };
label = nfs4_label_init_security(dir, ctx->dentry, attr, &l);
@@ -5595,7 +5589,8 @@ static int _nfs4_get_security_label(struct inode *inode, void *buf,
{
struct nfs_server *server = NFS_SERVER(inode);
struct nfs_fattr fattr;
- struct nfs4_label label = {0, 0, buflen, buf};
+ struct nfs4_label label = {0, 0,
+ .context = { .context = buf, .len = buflen, }, };
u32 bitmask[3] = { 0, 0, FATTR4_WORD2_SECURITY_LABEL };
struct nfs4_getattr_arg arg = {
@@ -5621,7 +5616,7 @@ static int _nfs4_get_security_label(struct inode *inode, void *buf,
return ret;
if (!(fattr.valid & NFS_ATTR_FATTR_V4_SECURITY_LABEL))
return -ENOENT;
- if (buflen < label.len)
+ if (buflen < label.context.len)
return -ERANGE;
return 0;
}
@@ -5713,8 +5708,8 @@ nfs4_set_security_label(struct inode *inode, const void *buf, size_t buflen)
ilabel.pi = 0;
ilabel.lfs = 0;
- ilabel.label = (char *)buf;
- ilabel.len = buflen;
+ ilabel.context.context = (char *)buf;
+ ilabel.context.len = buflen;
olabel = nfs4_label_alloc(NFS_SERVER(inode), GFP_KERNEL);
if (IS_ERR(olabel)) {
diff --git a/fs/nfs/nfs4xdr.c b/fs/nfs/nfs4xdr.c
index cfcabc33e24d..85a527ccd6d7 100644
--- a/fs/nfs/nfs4xdr.c
+++ b/fs/nfs/nfs4xdr.c
@@ -1141,7 +1141,7 @@ static void encode_attrs(struct xdr_stream *xdr, const struct iattr *iap,
}
if (label && (attrmask[2] & FATTR4_WORD2_SECURITY_LABEL)) {
- len += 4 + 4 + 4 + (XDR_QUADLEN(label->len) << 2);
+ len += 4 + 4 + 4 + (XDR_QUADLEN(label->context.len) << 2);
bmval[2] |= FATTR4_WORD2_SECURITY_LABEL;
}
@@ -1175,8 +1175,9 @@ static void encode_attrs(struct xdr_stream *xdr, const struct iattr *iap,
if (bmval[2] & FATTR4_WORD2_SECURITY_LABEL) {
*p++ = cpu_to_be32(label->lfs);
*p++ = cpu_to_be32(label->pi);
- *p++ = cpu_to_be32(label->len);
- p = xdr_encode_opaque_fixed(p, label->label, label->len);
+ *p++ = cpu_to_be32(label->context.len);
+ p = xdr_encode_opaque_fixed(p, label->context.context,
+ label->context.len);
}
if (bmval[2] & FATTR4_WORD2_MODE_UMASK) {
*p++ = cpu_to_be32(iap->ia_mode & S_IALLUGO);
@@ -4163,8 +4164,8 @@ static int decode_attr_security_label(struct xdr_stream *xdr, uint32_t *bitmap,
return -EIO;
if (len < NFS4_MAXLABELLEN) {
if (label) {
- memcpy(label->label, p, len);
- label->len = len;
+ memcpy(label->context.context, p, len);
+ label->context.len = len;
label->pi = pi;
label->lfs = lfs;
status = NFS_ATTR_FATTR_V4_SECURITY_LABEL;
@@ -4174,9 +4175,10 @@ static int decode_attr_security_label(struct xdr_stream *xdr, uint32_t *bitmap,
printk(KERN_WARNING "%s: label too long (%u)!\n",
__func__, len);
}
- if (label && label->label)
+ if (label && label->context.context)
dprintk("%s: label=%s, len=%d, PI=%d, LFS=%d\n", __func__,
- (char *)label->label, label->len, label->pi, label->lfs);
+ (char *)label->context.context, label->context.len,
+ label->pi, label->lfs);
return status;
}
diff --git a/include/linux/nfs4.h b/include/linux/nfs4.h
index 22494d170619..1189aad71592 100644
--- a/include/linux/nfs4.h
+++ b/include/linux/nfs4.h
@@ -15,6 +15,7 @@
#include <linux/list.h>
#include <linux/uidgid.h>
+#include <linux/security.h>
#include <uapi/linux/nfs4.h>
enum nfs4_acl_whotype {
@@ -43,10 +44,9 @@ struct nfs4_acl {
#define NFS4_MAXLABELLEN 2048
struct nfs4_label {
- uint32_t lfs;
- uint32_t pi;
- u32 len;
- char *label;
+ uint32_t lfs;
+ uint32_t pi;
+ struct lsm_context context;
};
typedef struct { char data[NFS4_VERIFIER_SIZE]; } nfs4_verifier;
--
2.19.1
next prev parent reply other threads:[~2019-04-19 0:48 UTC|newest]
Thread overview: 89+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-19 0:44 [PATCH 00/90] LSM: Module stacking for all Casey Schaufler
2019-04-19 0:44 ` [PATCH 01/90] LSM: Infrastructure management of the superblock Casey Schaufler
2019-04-19 0:44 ` [PATCH 02/90] LSM: Infrastructure management of the sock security Casey Schaufler
2019-04-19 0:44 ` [PATCH 03/90] LSM: Infrastructure management of the key security blob Casey Schaufler
2019-04-19 0:44 ` [PATCH 04/90] LSM: Create an lsm_export data structure Casey Schaufler
2019-04-19 0:44 ` [PATCH 05/90] LSM: Use lsm_export in the inode_getsecid hooks Casey Schaufler
2019-04-19 0:44 ` [PATCH 06/90] LSM: Use lsm_export in the cred_getsecid hooks Casey Schaufler
2019-04-19 0:44 ` [PATCH 07/90] LSM: Use lsm_export in the ipc_getsecid and task_getsecid hooks Casey Schaufler
2019-04-19 0:44 ` [PATCH 08/90] LSM: Use lsm_export in the kernel_ask_as hooks Casey Schaufler
2019-04-19 0:44 ` [PATCH 09/90] LSM: Use lsm_export in the getpeersec_dgram hooks Casey Schaufler
2019-04-19 0:44 ` [PATCH 10/90] LSM: Use lsm_export in the audit_rule_match hooks Casey Schaufler
2019-04-19 0:44 ` [PATCH 11/90] LSM: Fix logical operation in lsm_export checks Casey Schaufler
2019-04-19 0:44 ` [PATCH 12/90] LSM: Use lsm_export in the secid_to_secctx hooks Casey Schaufler
2019-04-19 0:45 ` [PATCH 13/90] LSM: Use lsm_export in the secctx_to_secid hooks Casey Schaufler
2019-04-19 0:45 ` [PATCH 14/90] LSM: Use lsm_export in security_audit_rule_match Casey Schaufler
2019-04-19 0:45 ` [PATCH 15/90] LSM: Use lsm_export in security_kernel_act_as Casey Schaufler
2019-04-19 0:45 ` [PATCH 16/90] LSM: Use lsm_export in security_socket_getpeersec_dgram Casey Schaufler
2019-04-19 0:45 ` [PATCH 17/90] LSM: Use lsm_export in security_secctx_to_secid Casey Schaufler
2019-04-19 0:45 ` [PATCH 18/90] LSM: Use lsm_export in security_secid_to_secctx Casey Schaufler
2019-04-19 0:45 ` [PATCH 19/90] LSM: Use lsm_export in security_ipc_getsecid Casey Schaufler
2019-04-19 0:45 ` [PATCH 20/90] LSM: Use lsm_export in security_task_getsecid Casey Schaufler
2019-04-19 0:45 ` [PATCH 21/90] LSM: Use lsm_export in security_inode_getsecid Casey Schaufler
2019-04-19 0:45 ` [PATCH 22/90] LSM: Use lsm_export in security_cred_getsecid Casey Schaufler
2019-04-19 0:45 ` [PATCH 23/90] Audit: Change audit_sig_sid to audit_sig_lsm Casey Schaufler
2019-04-19 0:45 ` [PATCH 24/90] Audit: Convert target_sid to an lsm_export structure Casey Schaufler
2019-04-19 0:45 ` [PATCH 25/90] Audit: Convert osid " Casey Schaufler
2019-04-19 0:45 ` [PATCH 26/90] IMA: Clean out lsm_export scaffolding Casey Schaufler
2019-04-19 0:45 ` [PATCH 27/90] NET: Change the UNIXCB from a secid to an lsm_export Casey Schaufler
2019-04-19 0:45 ` [PATCH 28/90] NET: Remove scaffolding on secmarks Casey Schaufler
2019-04-19 0:45 ` [PATCH 29/90] NET: Remove scaffolding on new secmarks Casey Schaufler
2019-04-19 0:45 ` [PATCH 30/90] NET: Remove netfilter scaffolding for lsm_export Casey Schaufler
2019-04-19 0:45 ` [PATCH 31/90] Netlabel: Replace secids with lsm_export Casey Schaufler
2019-04-19 0:45 ` [PATCH 32/90] LSM: Remove lsm_export scaffolding functions Casey Schaufler
2019-04-19 0:45 ` [PATCH 33/90] IMA: FIXUP prototype using lsm_export Casey Schaufler
2019-04-19 0:45 ` [PATCH 34/90] Smack: Restore the release_secctx hook Casey Schaufler
2019-04-19 0:45 ` [PATCH 35/90] AppArmor: Remove unnecessary hook stub Casey Schaufler
2019-04-19 0:45 ` [PATCH 36/90] LSM: Limit calls to certain module hooks Casey Schaufler
2019-04-19 0:45 ` [PATCH 37/90] LSM: Create a data structure for a security context Casey Schaufler
2019-04-19 0:45 ` [PATCH 38/90] LSM: Use lsm_context in secid_to_secctx hooks Casey Schaufler
2019-04-19 0:45 ` [PATCH 39/90] LSM: Use lsm_context in secctx_to_secid hooks Casey Schaufler
2019-04-19 0:45 ` [PATCH 40/90] LSM: Use lsm_context in inode_getsecctx hooks Casey Schaufler
2019-04-19 0:45 ` [PATCH 41/90] LSM: Use lsm_context in inode_notifysecctx hooks Casey Schaufler
2019-04-19 0:45 ` [PATCH 42/90] LSM: Use lsm_context in dentry_init_security hooks Casey Schaufler
2019-04-19 0:45 ` [PATCH 43/90] LSM: Use lsm_context in security_dentry_init_security Casey Schaufler
2019-04-19 0:45 ` [PATCH 44/90] LSM: Use lsm_context in security_inode_notifysecctx Casey Schaufler
2019-04-19 0:45 ` [PATCH 45/90] LSM: Use lsm_context in security_inode_getsecctx Casey Schaufler
2019-04-19 0:45 ` [PATCH 46/90] LSM: Use lsm_context in security_secctx_to_secid Casey Schaufler
2019-04-19 0:45 ` [PATCH 47/90] LSM: Use lsm_context in release_secctx hooks Casey Schaufler
2019-04-19 0:45 ` [PATCH 48/90] LSM: Use lsm_context in security_release_secctx Casey Schaufler
2019-04-19 0:45 ` [PATCH 49/90] LSM: Use lsm_context in security_secid_to_secctx Casey Schaufler
2019-04-19 0:45 ` Casey Schaufler [this message]
2019-04-19 0:45 ` [PATCH 51/90] LSM: Add the release function to the lsm_context Casey Schaufler
2019-04-19 0:45 ` [PATCH 52/90] LSM: Use lsm_context in inode_setsecctx hooks Casey Schaufler
2019-04-19 0:45 ` [PATCH 53/90] LSM: Use lsm_context in security_inode_setsecctx Casey Schaufler
2019-04-19 0:45 ` [PATCH 54/90] kernfs: remove lsm_context scaffolding Casey Schaufler
2019-04-19 0:45 ` [PATCH 55/90] LSM: Remove unused macro Casey Schaufler
2019-04-19 0:45 ` [PATCH 56/90] LSM: Special handling for secctx lsm hooks Casey Schaufler
2019-04-19 0:45 ` [PATCH 57/90] SELinux: Use blob offset in current_sid Casey Schaufler
2019-04-19 0:45 ` [PATCH 58/90] LSM: Specify which LSM to display Casey Schaufler
2019-04-19 0:45 ` [PATCH 59/90] AppArmor: Remove the exclusive flag Casey Schaufler
2019-04-19 0:45 ` [PATCH 60/90] LSM: Add secmark_relabel_packet to the set of one call hooks Casey Schaufler
2019-04-19 0:45 ` [PATCH 61/90] LSM: Make getting the secmark right cleaner Casey Schaufler
2019-04-19 0:45 ` [PATCH 62/90] netfilter: Fix memory leak introduced with lsm_context Casey Schaufler
2019-04-19 0:45 ` [PATCH 63/90] Smack: Consolidate secmark conversions Casey Schaufler
2019-04-19 0:45 ` [PATCH 64/90] netfilter: Remove unnecessary NULL check in lsm_context Casey Schaufler
2019-04-19 0:45 ` [PATCH 65/90] LSM: Add secmark refcounting to call_one list Casey Schaufler
2019-04-19 0:45 ` [PATCH 66/90] LSM: refactor security_setprocattr Casey Schaufler
2019-04-19 0:45 ` [PATCH 67/90] Smack: Detect if secmarks can be safely used Casey Schaufler
2019-04-19 0:45 ` [PATCH 68/90] LSM: Support multiple LSMs using inode_init_security Casey Schaufler
2019-04-19 0:45 ` [PATCH 69/90] LSM: Use full security context in security_inode_setsecctx Casey Schaufler
2019-04-22 13:13 ` Tetsuo Handa
2019-04-22 20:45 ` Casey Schaufler
2019-04-22 21:01 ` Tetsuo Handa
2019-04-19 0:45 ` [PATCH 70/90] LSM: Correct handling of ENOSYS in inode_setxattr Casey Schaufler
2019-04-19 0:45 ` [PATCH 71/90] LSM: Infrastructure security blobs for mount options Casey Schaufler
2019-04-19 0:45 ` [PATCH 72/90] LSM: Fix for security_init_inode_security Casey Schaufler
2019-04-19 0:46 ` [PATCH 73/90] Smack: Advertise the secid to netlabel Casey Schaufler
2019-04-19 0:46 ` [PATCH 74/90] LSM: Change error detection for UDP peer security Casey Schaufler
2019-04-19 0:46 ` [PATCH 75/90] Smack: Fix setting of the CIPSO MLS_CAT flags Casey Schaufler
2019-04-19 0:46 ` [PATCH 76/90] Smack: Set netlabel flags properly on new label import Casey Schaufler
2019-04-19 0:46 ` [PATCH 77/90] Netlabel: Add a secattr comparison API function Casey Schaufler
2019-04-19 0:46 ` [PATCH 78/90] Smack: Let netlabel do the work on the ambient domain Casey Schaufler
2019-04-19 0:46 ` [PATCH 79/90] Smack: Don't set the socket label on each send Casey Schaufler
2019-04-19 0:46 ` [PATCH 80/90] Smack: Let netlabel do the work on connections Casey Schaufler
2019-04-19 0:46 ` [PATCH 81/90] Netlabel: Return the labeling type on socket Casey Schaufler
2019-04-19 15:27 ` [PATCH 00/90] LSM: Module stacking for all Stephen Smalley
2019-04-21 17:31 ` Casey Schaufler
2019-04-22 12:46 ` Stephen Smalley
2019-04-22 16:10 ` Casey Schaufler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190419004617.64627-51-casey@schaufler-ca.com \
--to=casey@schaufler-ca.com \
--cc=casey.schaufler@intel.com \
--cc=jmorris@namei.org \
--cc=linux-security-module@vger.kernel.org \
--cc=selinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).