[PATCH v1 2/8] LSM: Add an LSM identifier for external use
Casey Schaufler
casey at schaufler-ca.com
Fri Oct 28 16:54:59 UTC 2022
On 10/26/2022 11:31 PM, Greg KH wrote:
> On Wed, Oct 26, 2022 at 12:36:34PM -0700, Casey Schaufler wrote:
>>>> + *
>>>> + * Copyright (C) 2022 Casey Schaufler <casey at schaufler-ca.com>
>>>> + * Copyright (C) Intel Corporation
>>> No date for Intel?
>> The latest guidance I have received is that Intel does not want a date.
> Ok, then I need to have an Intel lawyer sign off on a patch that does
> this in order to have that be their official statement. Otherwise, it
> needs a date.
Seems I misunderstood something. The date will be there.
>>>> + */
>>>> +
>>>> +#ifndef _UAPI_LINUX_LSM_H
>>>> +#define _UAPI_LINUX_LSM_H
>>>> +
>>>> +/*
>>>> + * ID values to identify security modules.
>>>> + * A system may use more than one security module.
>>>> + *
>>>> + * LSM_ID_XXX values 0 - 31 are reserved for future use
>>> Reserved for what? Why?
>> You're not the first person to ask.
> And the answer is?
There hasn't been an argument for it beyond "just in case".
I can't see a rational reason to reserve specific numbers as
I don't see value in LSM ranges.
>> I'll remove the reserved values for the next version.
> Because we asked it will be removed?
Because I don't have a good reason for including it and it
has been called into question. If a reviewer has a legitimate
case for reserved values they may be back.
> confused,
>
> greg k-h
More information about the Linux-security-module-archive
mailing list