Re: [PATCH v4 00/23] LSM: Module stacking for AppArmor

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 6/26/19 2:04 PM, Kees Cook wrote:
> On Wed, Jun 26, 2019 at 12:22:11PM -0700, Casey Schaufler wrote:
>> This patchset provides the changes required for
>> the AppArmor security module to stack safely with any other.
>>


here v

>> Because of the changes to slot handling and the rework of
>> "display" I have not included the Reviewed-by tags from the
>> previous version.


>>
>> v4: Incorporate feedback from v3
>>     - Mark new lsm_<blob>_alloc functions static
>>     - Replace the lsm and slot fields of the security_hook_list
>>       with a pointer to a LSM allocated lsm_id structure. The
>>       LSM identifies if it needs a slot explicitly. Use the
>>       lsm_id rather than make security_add_hooks return the
>>       slot value.
>>     - Validate slot values used in security.c
>>     - Reworked the "display" process attribute handling so that
>>       it works right and doesn't use goofy list processing.
>>     - fix display value check in dentry_init_security
>>     - Replace audit_log of secids with '?' instead of deleting
>>       the audit log
> 
> I think you missed adding my and John's Reviewed-bys from v3?
> 
Casey stated why above




[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux