Re: LSM stacking in next for 6.1?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2022/09/16 0:50, Casey Schaufler wrote:
>> Although the upstream Linux Kernel focuses only on in-tree kernel code,
>> CONFIG_MODULES=y is not limited for in-tree kernel code. It is used by e.g.
>> device vendors to deliver their out-of-tree driver code.
> 
> I see this argument all the time. The response is "get your driver upstream".
> Vendors/developers who whine "It's too hard" get no sympathy from me.
> 

Getting off-topic from loadable module LSMs, but one of reasons they do not
try to get upstream might be to be able to synchronize across multiple kernel
versions. For example, splx_kernel_module-3.0.1.0024-src.tar.gz is trying to
serve as a common source code for many distributor's kernel versions.

If some snapshot were included in upstream kernel, it becomes difficult to keep
the same bugfixes/features applied across kernel versions the vendor wants to
load into.

Although ./scripts/checkpatch.pl warns about use of LINUX_VERSION_CODE, there are
cases where vendors want to share the same bugfixes/features across all kernel
versions.




[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux