On Thu, 2018-01-25 at 11:58 +1100, Matthew Garrett wrote: > On Mon, Jan 22, 2018 at 5:14 PM, Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote: > > On 1/21/2018 9:27 PM, Matthew Garrett wrote: > >> On Tue, Jan 9, 2018 at 8:36 AM, Matthew Garrett <mjg59@xxxxxxxxxx> wrote: > >>> For IMA purposes, we want to be able to obtain the prepared secid in the > >>> bprm structure before the credentials are committed. Add a cred_getsecid > >>> hook that makes this possible. > >> Any feedback on this version of the set? > > > > > > Sorry for the delay. I'm having a mindset crisis on secids just > > now, and I'm not completely sure if I have any issue with this > > particular hook. Don't wait for me. If everyone else is OK with > > it, go ahead. > > Thanks Casey - Mimi, are you ok with the IMA changes? If so, which > tree should these go through? The IMA patch needs to be upstreamed via the IMA tree, but the only additional IMA patches being upstreamed for 4.16, at this point, are bug fixes. Sorry, I'm only getting back to this now. Assuming all is good with the patch, I'll queue it for after resync'ing with ~4.16.0-rc2. thanks, Mimi
