[RFC PATCH] capabilities: remove cap_mmap_file()

Serge E. Hallyn serge at hallyn.com
Tue Oct 1 21:20:13 UTC 2024


On Tue, Oct 01, 2024 at 10:08:04AM -0400, Paul Moore wrote:
> On Mon, Sep 30, 2024 at 5:08 PM Serge E. Hallyn <serge at hallyn.com> wrote:
> > On Thu, Sep 26, 2024 at 09:24:06AM -0400, Paul Moore wrote:
> > > On Thu, Sep 26, 2024 at 9:22 AM Serge E. Hallyn <serge at hallyn.com> wrote:
> > > > On Thu, Sep 26, 2024 at 09:16:04AM -0400, Paul Moore wrote:
> > > > > On Thu, Sep 26, 2024 at 9:11 AM Serge E. Hallyn <serge at hallyn.com> wrote:
> > > > > > On Wed, Sep 25, 2024 at 12:45:20PM -0700, Casey Schaufler wrote:
> > > > > > > On 9/25/2024 12:20 PM, Paul Moore wrote:
> > > > > > > > The cap_mmap_file() LSM callback returns the default value for the
> > > > > > > > security_mmap_file() LSM hook and can be safely removed.
> > > > > > > >
> > > > > > > > Signed-off-by: Paul Moore <paul at paul-moore.com>
> > > > > > >
> > > > > > > Reviewed-by: Casey Schaufler <casey at schaufler-ca.com>
> > > > > >
> > > > > > Reviewed-by: Serge Hallyn <serge at hallyn.com>
> > > > >
> > > > > Thanks Serge.  Any interest in pulling this via the capabilities tree
> > > > > or would you prefer I take this via the LSM tree?
> > > >
> > > > Oh, jinkeys - I guess should take it through the capabilities tree if
> > > > only to check that it still works!
> > >
> > >  :)
> > >
> > > Sounds good, if you change your mind let me know and I'll pick this up.
> >
> > Just got access back to my kernel.org account.  Too late for 6.12 cycle, so
> > I'll keep it ready for 6.13 window.  I suppose I should see about hooking
> > back into the -next kernel for testing.
> 
> Sorry for the delay, network access was spotty over the past few days,
> and what little I did have was just my phone.
> 
> Anyway, yes, this was intended for v6.13 anyway so no harm there.
> Glad you're setup again on kernel.org.
> 
> Hooking up to linux-next is pretty easy, basically just send some
> mail, but if I can offer a suggestion you might want to make your
> linux-next branch a automatically generated "composite" branch so you
> are better able to get both linux-stable and linux-next patches tested
> via the normal linux-next mechanisms.  I'm sure you've seen this
> already, but here is the approach I take with the LSM tree:
> 
> https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git/tree/README.md#n94

Thanks!  I thought in the past there had been "how to best work with
linux-next" guides out there, but I spent some time looking through
linux.git/Documentation, linux-next/, lore.kernel.org, and kernelnewbies
and google and came up with nothing.

-serge



More information about the Linux-security-module-archive mailing list