On Wed, Apr 25, 2018 at 7:51 AM Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote:

> [CC'ing Igor]

> On Tue, 2018-04-24 at 20:03 +0000, Matthew Garrett wrote:
> > Thinking about this some more - I think being able to do this at runtime is
> > actually important. If we add an additional xattr to the signatures then we
> > want to be able to update machine policy without forcing a reboot first,
> > otherwise we have a chicken and egg problem where we have to gate any new
> > package update against having a machine rebooted with an updated command
> > line (otherwise the signature validation will fail for packages that
> > contain new signatures)

> If the list of xattr names is append only, there is no reason for
> re-allocating the entire xattr name list each time. As long as the xattr
> name list pointer is defined as __ro_after_init, we can work with Igor
> on using "protectable memory" once it is upstreamed.

Ok, I'll refactor this into a list.