[GIT PULL] tomoyo update for v6.12
John Johansen
john.johansen at canonical.com
Thu Oct 3 02:33:40 UTC 2024
On 10/1/24 11:22, Paul Moore wrote:
> On Tue, Oct 1, 2024 at 12:36 PM Linus Torvalds
> <torvalds at linux-foundation.org> wrote:
>> On Tue, 1 Oct 2024 at 07:00, Paul Moore <paul at paul-moore.com> wrote:
>>>
>>> Linus, it's unclear if you're still following this thread after the
>>> pull, but can you provide a little insight on your thoughts here?
>
> ...
>
>> If the consensus is that we should revert, I'll happily revert.
>
> Starting tomorrow when I'm reliably back in front of computer I'll
> sort this out with the rest of the LSM folks. Unless something
> unexpected comes up in the discussion I'll send you a revert later
> this week.
>
I agree that this is the wrong approach and will add that it is
egregious enough that Ubuntu is going to have to disable Tomoyo as
it effectively allows by-passing signed module loads.
you can add my
Acked-by: John Johansen <john.johansen at canonical.com>
>> This
>> was all inside of the tomoyo subdirectory, so I didn't see it as some
>> kind of sidestepping, and treated the pull request as a regular
>> "another odd security subsystem update".
>
> Yes, that's fair, I think you would need a deeper understanding of the
> LSM framework as well as an understanding of recent discussions on the
> list to appreciate all of the details.
>
More information about the Linux-security-module-archive
mailing list