Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 13 Feb 2017 08:26:56 -0800
From: Laura Abbott <>
To: Kees Cook <>,
 Tetsuo Handa <>
Cc: James Morris <>,
 linux-security-module <>,
 "" <>
Subject: Re: Re: [RFC PATCH 1/4] security: mark LSM hooks
 as __ro_after_init

On 02/13/2017 06:59 AM, Kees Cook wrote:
> On Mon, Feb 13, 2017 at 2:33 AM, Tetsuo Handa
> <> wrote:
>> James Morris wrote:
>>> As the regsitration of LSMs is performed during init and then does
>>> not change, we can mark all of the regsitration hooks as __ro_after_init.
>>> Signed-off-by: James Morris <>
>> This patch makes LKM based LSMs (e.g. AKARI) impossible.
>> I'm not happy with this patch.
> LKM based LSMs don't exist yet, and when they do, we may also have the
> "write rarely" infrastructure done, which LKM based LSMs can use to
> update the structures.
> -Kees

Is someone actually working on the write rarely patches? If a version
has been sent out, I don't recall seeing it.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.