[PATCH v15 01/23] LSM: Infrastructure management of the sock security
Paul Moore
paul at paul-moore.com
Fri Mar 6 20:37:41 UTC 2020
On Fri, Feb 14, 2020 at 6:42 PM Casey Schaufler <casey at schaufler-ca.com> wrote:
>
> Move management of the sock->sk_security blob out
> of the individual security modules and into the security
> infrastructure. Instead of allocating the blobs from within
> the modules the modules tell the infrastructure how much
> space is required, and the space is allocated there.
>
> Reviewed-by: Kees Cook <keescook at chromium.org>
> Reviewed-by: John Johansen <john.johansen at canonical.com>
> Acked-by: Stephen Smalley <sds at tycho.nsa.gov>
> Signed-off-by: Casey Schaufler <casey at schaufler-ca.com>
> ---
> include/linux/lsm_hooks.h | 1 +
> security/apparmor/include/net.h | 6 ++-
> security/apparmor/lsm.c | 38 ++++-----------
> security/security.c | 36 +++++++++++++-
> security/selinux/hooks.c | 78 +++++++++++++++----------------
> security/selinux/include/objsec.h | 5 ++
> security/selinux/netlabel.c | 23 ++++-----
> security/smack/smack.h | 5 ++
> security/smack/smack_lsm.c | 64 ++++++++++++-------------
> security/smack/smack_netfilter.c | 8 ++--
> 10 files changed, 144 insertions(+), 120 deletions(-)
Stephen already ACK'd this patch, but more acks/reviews are always
better so you can add my ACK as well.
Acked-by: Paul Moore <paul at paul-moore.com>
--
paul moore
www.paul-moore.com
More information about the Linux-security-module-archive
mailing list