[PATCH] rust: lsm: replace context+len with lsm_context

Alice Ryhl aliceryhl at google.com
Fri Nov 1 18:08:16 UTC 2024


On Fri, Nov 1, 2024 at 6:59 PM Paul Moore <paul at paul-moore.com> wrote:
>
> On Fri, Nov 1, 2024 at 1:24 PM Alice Ryhl <aliceryhl at google.com> wrote:
> > On Fri, Nov 1, 2024 at 6:11 PM Paul Moore <paul at paul-moore.com> wrote:
> > > On Fri, Nov 1, 2024 at 1:04 PM Miguel Ojeda
> > > <miguel.ojeda.sandonis at gmail.com> wrote:
> > > > On Fri, Nov 1, 2024 at 5:56 PM Paul Moore <paul at paul-moore.com> wrote:
> > > > >
> > > > > Thanks Alice.  Would you like me to pull this in via the LSM tree with
> > > > > the associated LSM changes, or would you prefer to do this some other
> > > > > way?
> > > > >
> > > > > I'm going to merge this into lsm/dev for now so that we fix the issue
> > > > > in linux-next, but I'm happy to drop it or do something else, let me
> > > > > know.
> > > >
> > > > Christian has the VFS side, and both are needed for this -- do you
> > > > mean you will cross-merge vfs' branch too?
> > >
> > > I think our last emails crossed paths.  I'm not going to merge this
> > > via the LSM tree as we don't have the Rust security.c helpers.
> > > Ideally it would have been better to have the Rust LSM/security
> > > helpers in the LSM tree for reasons like this, but it looks like it's
> > > too late for that now.
> >
> > If Christian is okay with rewriting the vfs.rust.file tree, we can
> > drop commit 94d356c0335f ("rust: security: add abstraction for
> > secctx") from there and I'll update it and send it for inclusion in
> > the LSM tree instead. I'll need to drop the piece that ties together
> > `struct cred` and `secctx` from the patch, but I can follow up with a
> > small patch for that for the 6.14 merge window.
>
> I can only guess at what Chrisitian wants to do, but my guess is that
> he isn't going to be very excited about rewriting a VFS tree at this
> stage ... which is very understandable as far as I'm concerned.
>
> I wouldn't worry too much about this right now, I'm going to plan on
> holding Casey's patchset in a staging area until after the upcoming
> merge window.

Okay. If Casey's patchset is not landing for 6.13, then the fix I
posted initially can be used. Casey is also welcome to squash my fix
into his series if you all prefer that. I'm happy with whatever is
easiest for you all.

Alice



More information about the Linux-security-module-archive mailing list