Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote: > Given that the original objection to using a skb extension for a > security blob was that an extension is dynamic, and that the ubiquitous > nature of LSM use makes that unreasonable, it would seem that supporting > the security blob as a basic part if the skb would be the obvious and > correct solution. If the normal case is that there is an LSM that would > befit from the native (unextended) support of a blob, it would seem > that that is the case that should be optimized. What is this "blob"? i.e., what would you like to add to sk_buff to make whatever use cases you have in mind work?
