On Mon, Aug 1, 2022 at 7:00 PM Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx> wrote: > > On Mon, Aug 01, 2022 at 01:01:44PM -0500, Frederick Lawler wrote: > > Users may want to audit calls to security_create_user_ns() and access > > user space memory. Also create_user_ns() runs without > > pagefault_disabled(). Therefore, make bpf_lsm_userns_create() sleepable > > for mandatory access control policies. > > > > Signed-off-by: Frederick Lawler <fred@xxxxxxxxxxxxxx> > > Acked-by: Christian Brauner (Microsoft) <brauner@xxxxxxxxxx> > > We can take this set through bpf-next tree if it's easier. Thanks Alexei, but I'm currently planning to merge it into the LSM next branch once the merge window closes. > Or if it goes through other trees: > Acked-by: Alexei Starovoitov <ast@xxxxxxxxxx> I appreciate the review/ACK, would you mind reviewing the tests too (patch 3/4)? -- paul-moore.com
