On 11/07/17 14:12, Tetsuo Handa wrote: > Igor Stoppa wrote: >> - I had to rebase Tetsuo Handa's patch because it didn't apply cleanly >> anymore, I would appreciate an ACK to that or a revised patch, whatever >> comes easier. > > Since we are getting several proposals of changing LSM hooks and both your proposal > and Casey's "LSM: Security module blob management" proposal touch same files, I think > we can break these changes into small pieces so that both you and Casey can make > future versions smaller. > > If nobody has objections about direction of Igor's proposal and Casey's proposal, > I think merging only "[PATCH 2/3] LSM: Convert security_hook_heads into explicit > array of struct list_head" from Igor's proposal and ->security accessor wrappers (e.g. I would like to understand if there is still interest about: * "[PATCH 1/3] Protectable memory support" which was my main interest * "[PATCH 3/3] Make LSM Writable Hooks a command line option" which was the example of how to use [1/3] > #define selinux_security(obj) (obj->security) > #define smack_security(obj) (obj->security) > #define tomoyo_security(obj) (obj->security) > #define apparmor_security(obj) (obj->security) For example, I see that there are various kzalloc calls that might be useful to turn into pmalloc ones. In general, I'd think that, after a transient is complete, where modules are loaded by allocating dynamic data structures, they could be locked down in read-only mode. I have the feeling that, now that I have polished up the pmalloc patch, the proposed use case is fading away. Can it be adjusted to the new situation or should I look elsewhere for an example that would justify merging pmalloc? thanks, igor -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>
