[PATCH v15 00/11] LSM: Three basic syscalls

Roberto Sassu roberto.sassu at huaweicloud.com
Mon Oct 16 12:04:30 UTC 2023


On Fri, 2023-10-13 at 17:55 -0400, Paul Moore wrote:
> On Thu, Oct 12, 2023 at 6:07 PM Paul Moore <paul at paul-moore.com> wrote:
> > 
> > On Tue, Sep 12, 2023 at 4:57 PM Casey Schaufler <casey at schaufler-ca.com> wrote:
> > > 
> > > Add three system calls for the Linux Security Module ABI ...
> > 
> > First off, a big thank you to Casey who took it upon himself to turn
> > my pseudo-code syscall suggestion into a proper patchset and saw it
> > through 15 revisions.  Thanks also go out to everyone that has helped
> > review and comment on this effort; I know everyone is busy, but these
> > reviews are important.
> > 
> > I'm happy to say that I think we're in a good place with this revision
> > of the LSM syscall patchset.  I only see two outstanding issues, and
> > neither of those are bugs/showstoppers that affect the API, they are
> > simply areas where the implementation could be improved.  With the
> > understanding that Casey is busy for the rest of the month, and my
> > desire to make sure this patchset gets a full dev cycle in linux-next,
> > I'm going to suggest merging this into the lsm/next-queue branch soon
> > (likely tomorrow) in preparation for merging it into lsm/next once the
> > upcoming merge window closes.  Those who want to help improve the
> > implementation, as suggested in the feedback on this revision or
> > otherwise, are welcome to submit patches against the lsm/next-queue
> > branch and I will merge them into that branch once they pass review.
> > 
> > If I don't hear any objections I'll plan on merging this patchset
> > tomorrow, I'll send a follow-up reply to this email when it's done.
> 
> Since it's been *almost* a full 24 hours and no objections I went
> ahead and merged this patchset into lsm/next-queue with the intention
> of bringing them into lsm/next after the upcoming merge window closes.
> For those of you who have suggested changes, please feel free to
> submit patches against the lsm/next-queue branch and we can get them
> queued up along with these patches.

Sorry, I just noticed LSM_ID_IMA. Since we have the 'integrity' LSM, I
think it should be LSM_ID_INTEGRITY.

Mimi, all, do you agree? If yes, I send a patch shortly.

Thanks

Roberto



More information about the Linux-security-module-archive mailing list