On Fri, 30 Mar 2018 00:25:22 +0400 Igor Stoppa <igor.stoppa@xxxxxxxxx> wrote: > On 27/03/18 20:55, Jonathan Corbet wrote: > > On Tue, 27 Mar 2018 18:37:36 +0300 > > Igor Stoppa <igor.stoppa@xxxxxxxxxx> wrote: > > > >> This patch-set introduces the possibility of protecting memory that has > >> been allocated dynamically. > > > > One thing that jumps out at me as I look at the patch set is: you do not > > include any users of this functionality. Where do you expect this > > allocator to be used? Actually seeing the API in action would be a useful > > addition, I think. > > Yes, this is very true. > Initially I had in mind to use LSM hooks as easy example, but sadly they > seem to be in an almost constant flux. > > My real use case is to secure both those and the SELinux policy DB. > I have said this few times, but it didn't seem to be worth mentioning in > the cover letter. In general, it is quite hard to merge a new API without users to go along with it. Among other things, that's how reviewers can see how well the API works in real-world use. I am certainly not the one who will make the decision on whether this goes in, but I suspect that whoever *does* make that decision would prefer to see some users. Thanks, jon
