[CC'ing Igor]

On Tue, 2018-04-24 at 20:03 +0000, Matthew Garrett wrote:
> On Mon, Apr 16, 2018 at 1:22 PM Matthew Garrett <mjg59@xxxxxxxxxx> wrote:
> > I could go either way on this - I think that doing it on the command line
> > would satisfy all my use cases.
>
> Thinking about this some more - I think being able to do this at runtime is
> actually important. If we add an additional xattr to the signatures then we
> want to be able to update machine policy without forcing a reboot first,
> otherwise we have a chicken and egg problem where we have to gate any new
> package update against having a machine rebooted with an updated command
> line (otherwise the signature validation will fail for packages that
> contain new signatures)

If the list of xattr names is append only, there is no reason for
re-allocating the entire xattr name list each time. As long as the
xattr name list pointer is defined as __ro_after_init, we can work with
Igor on using "protectable memory" once it is upstreamed.

Mimi