On Fri, Feb 14, 2020 at 6:42 PM Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote: > > Move management of the sock->sk_security blob out > of the individual security modules and into the security > infrastructure. Instead of allocating the blobs from within > the modules the modules tell the infrastructure how much > space is required, and the space is allocated there. > > Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx> > Reviewed-by: John Johansen <john.johansen@xxxxxxxxxxxxx> > Acked-by: Stephen Smalley <sds@xxxxxxxxxxxxx> > Signed-off-by: Casey Schaufler <casey@xxxxxxxxxxxxxxxx> > --- > include/linux/lsm_hooks.h | 1 + > security/apparmor/include/net.h | 6 ++- > security/apparmor/lsm.c | 38 ++++----------- > security/security.c | 36 +++++++++++++- > security/selinux/hooks.c | 78 +++++++++++++++---------------- > security/selinux/include/objsec.h | 5 ++ > security/selinux/netlabel.c | 23 ++++----- > security/smack/smack.h | 5 ++ > security/smack/smack_lsm.c | 64 ++++++++++++------------- > security/smack/smack_netfilter.c | 8 ++-- > 10 files changed, 144 insertions(+), 120 deletions(-) Stephen already ACK'd this patch, but more acks/reviews are always better so you can add my ACK as well. Acked-by: Paul Moore <paul@xxxxxxxxxxxxxx> -- paul moore www.paul-moore.com
