[PATCH v4 00/23] LSM: Module stacking for AppArmor

Kees Cook keescook at chromium.org
Wed Jun 26 23:04:43 UTC 2019


On Wed, Jun 26, 2019 at 02:11:23PM -0700, John Johansen wrote:
> On 6/26/19 2:04 PM, Kees Cook wrote:
> > On Wed, Jun 26, 2019 at 12:22:11PM -0700, Casey Schaufler wrote:
> >> This patchset provides the changes required for
> >> the AppArmor security module to stack safely with any other.
> >>
> 
> 
> here v
> 
> >> Because of the changes to slot handling and the rework of
> >> "display" I have not included the Reviewed-by tags from the
> >> previous version.
> 
> 
> >>
> >> v4: Incorporate feedback from v3
> >>     - Mark new lsm_<blob>_alloc functions static
> >>     - Replace the lsm and slot fields of the security_hook_list
> >>       with a pointer to a LSM allocated lsm_id structure. The
> >>       LSM identifies if it needs a slot explicitly. Use the
> >>       lsm_id rather than make security_add_hooks return the
> >>       slot value.
> >>     - Validate slot values used in security.c
> >>     - Reworked the "display" process attribute handling so that
> >>       it works right and doesn't use goofy list processing.
> >>     - fix display value check in dentry_init_security
> >>     - Replace audit_log of secids with '?' instead of deleting
> >>       the audit log
> > 
> > I think you missed adding my and John's Reviewed-bys from v3?
> > 
> Casey stated why above

Oops! Thanks! I skimmed too fast and only read the "v4" log. :P

-- 
Kees Cook


