-next status as at v7.1-rc6
Linus Torvalds
torvalds at linux-foundation.org
Fri Jun 5 17:25:38 UTC 2026
On Fri, 5 Jun 2026 at 06:45, Serge E. Hallyn <serge at hallyn.com> wrote:
>
> The two most useful threads I believe were from a year ago,
> 20250502184421.1424368-1-bboscaccy at linux.microsoft.com
> and
> 20250528215037.2081066-1-bboscaccy at linux.microsoft.com
> which includes the proposal by the BPF side:
> https://lore.kernel.org/linux-security-module/CACYkzJ6VQUExfyt0=-FmXz46GHJh3d=FXh5j4KfexcEFbHV-vg@mail.gmail.com/
Ok, so that's not a thread I was cc'd on (and I'm not complaining -
this is not code that I *should* be cc'd on), but that does seem to
match what I saw in email discussions I've seen.
There clearly *have* been alternative proposals by the bpf people for
signed unprivileged eBPF.
And they have apparently been ignored for various reasons. And it's
not clear to me why LSM people think they can just ignore maintainers
in the subsystems they want to then check.
Now, again - I'm not claiming to be a subject expert, so I have to go
by maintainership trust. But as it stands now, I really don't see why
I would override the bpf maintainers' NAKs.
And that "as it stands now" obviously very much includes a "maybe in
the future I can be convinced that the bpf people are just being wrong
and overly difficult".
It certainly wouldn't be the first time kernel people have been ornery
and strongly opinionated and just loved arguing.
That's the kind of people we are.
Linus
More information about the Linux-security-module-archive
mailing list