[PATCH V6 1/2] security: Add a cred_getsecid hook

Mimi Zohar zohar at linux.vnet.ibm.com
Thu Jan 25 13:02:53 UTC 2018

On Thu, 2018-01-25 at 11:58 +1100, Matthew Garrett wrote:
> On Mon, Jan 22, 2018 at 5:14 PM, Casey Schaufler <casey at schaufler-ca.com> wrote:
> > On 1/21/2018 9:27 PM, Matthew Garrett wrote:
> >> On Tue, Jan 9, 2018 at 8:36 AM, Matthew Garrett <mjg59 at google.com> wrote:
> >>> For IMA purposes, we want to be able to obtain the prepared secid in the
> >>> bprm structure before the credentials are committed. Add a cred_getsecid
> >>> hook that makes this possible.
> >> Any feedback on this version of the set?
> >
> >
> > Sorry for the delay. I'm having a mindset crisis on secids just
> > now, and I'm not completely sure if I have any issue with this
> > particular hook. Don't wait for me. If everyone else is OK with
> > it, go ahead.
> Thanks Casey - Mimi, are you ok with the IMA changes? If so, which
> tree should these go through?

The IMA patch needs to be upstreamed via the IMA tree, but the only
additional IMA patches being upstreamed for 4.16, at this point, are
bug fixes.

Sorry, I'm only getting back to this now.  Assuming all is good with
the patch, I'll queue it for after resync'ing with ~4.16.0-rc2.



To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

More information about the Linux-security-module-archive mailing list