[PATCH v20 05/23] net: Prepare UDS for security module stacking
Paul Moore
paul at paul-moore.com
Sat Sep 5 13:25:13 UTC 2020
On Fri, Sep 4, 2020 at 7:58 PM Casey Schaufler <casey at schaufler-ca.com> wrote:
>
> On 9/4/2020 2:53 PM, Paul Moore wrote:
> > On Fri, Sep 4, 2020 at 5:35 PM Casey Schaufler <casey at schaufler-ca.com> wrote:
> >> On 9/4/2020 1:08 PM, Paul Moore wrote:
...
> > I understand the concerns you mention, they are all valid as far as
> > I'm concerned, but I think we are going to get burned by this code as
> > it currently stands.
>
> Yes, I can see that. We're getting burned by the non-extensibility
> of secids. It will take someone smarter than me to figure out how to
> fit N secids into 32bits without danger of either failure or memory
> allocation.
Sooo what are the next steps here? It sounds like there is some
agreement that the currently proposed unix_skb_params approach is a
problem, but it also sounds like you just want to merge it anyway?
I was sorta hoping for something a bit better.
--
paul moore
www.paul-moore.com
More information about the Linux-security-module-archive
mailing list