[PATCH 04/10] CaitSith: Add header file.

Paul Moore paul at paul-moore.com
Wed Nov 9 02:20:26 UTC 2022


On Tue, Nov 8, 2022 at 5:20 AM Tetsuo Handa
<penguin-kernel at i-love.sakura.ne.jp> wrote:
> What I'm asking you is that:
>
>   Please don't lock out out-of-tree LSM modules (by requiring an LSM id integer value
>   which is assigned only to in-tree LSM modules) because we can't accept whatever LSM
>   modules as in-tree.
>
>   Please don't lock out loadable LSM modules (by using fixed sized array) because
>   locking out loadable LSM modules reduces the value of your LSM stacking work.
>
> Quite simple.

Tetsuo, at this point I think we all understand your concern and I
appreciate and respect the passion you have for your argument.
However, I think the rest of the developers, including myself, have
also made our points very clear.  While there may still be revisions
to the syscall patches, I believe identifying LSMs via a token value
as opposed to a string value is the better option for the upstream
Linux Kernel.  This alone should not prevent dynamically loadable LSMs
in the future, if we decide to pursue that, but I do recognize that it
will present more of a challenge for the long term maintenance of
out-of-tree LSMs.  I see no reason to trade off what I believe as a
better API choice (LSM ID tokens) for something that is explicitly not
supported by the Linux Kernel as a whole (out-of-tree kernel code).

Thank you for your comments, but I'm considering this settled.

-- 
paul-moore.com
