On Wed, Jun 26, 2019 at 02:11:23PM -0700, John Johansen wrote: > On 6/26/19 2:04 PM, Kees Cook wrote: > > On Wed, Jun 26, 2019 at 12:22:11PM -0700, Casey Schaufler wrote: > >> This patchset provides the changes required for > >> the AppArmor security module to stack safely with any other. > >> > > > here v > > >> Because of the changes to slot handling and the rework of > >> "display" I have not included the Reviewed-by tags from the > >> previous version. > > > >> > >> v4: Incorporate feedback from v3 > >> - Mark new lsm_<blob>_alloc functions static > >> - Replace the lsm and slot fields of the security_hook_list > >> with a pointer to a LSM allocated lsm_id structure. The > >> LSM identifies if it needs a slot explicitly. Use the > >> lsm_id rather than make security_add_hooks return the > >> slot value. > >> - Validate slot values used in security.c > >> - Reworked the "display" process attribute handling so that > >> it works right and doesn't use goofy list processing. > >> - fix display value check in dentry_init_security > >> - Replace audit_log of secids with '?' instead of deleting > >> the audit log > > > > I think you missed adding my and John's Reviewed-bys from v3? > > > Casey stated why above Oops! Thanks! I skimmed too fast and only read the "v4" log. :P -- Kees Cook
