On Fri, Oct 27, 2023 at 8:56 AM Mickaël Salaün <mic@xxxxxxxxxxx> wrote: > > Thanks Stephen, your patch is good! I tested it with the merge of my > branch and LSM/dev-staging. > > The new Landlock changes (tested in -next for a few weeks) add a new > call to security_add_hooks() which gets a new signature with commit > 9b09f11320db ("LSM: Identify modules by more than name") from > the LSM/dev-staging branch [1]. > > I plan to send a PR with my branch in the next merge window (for > v6.7-rc1). > > We should squash Stephen's patch in commit 9b09f11320db ("LSM: > Identify modules by more than name") but it would not be possible > without my branch. I see two solutions: > * keep Stephen's patch in -next only, or > * rebase LSM/dev-staging on my branch now, and rebase it later on > v6.7-rc1 once my branch is merged (which is the workflow described in > [1]). > > Paul, what do you think? Thanks Stephen, Mickaël. Once the Landlock tree is pulled into Linus' tree during the next merge window I'll update the LSM syscall patches currently living in lsm/dev-staging and this conflict should go away. FWIW, there are other conflicts with the LSM syscall patchset, most notably in the syscall registrations, that should also resolve themselves when I rebase on top of v6.7-rc1. -- paul-moore.com