Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 31 May 2017 23:49:34 +0300
From: Igor Stoppa <igor.stoppa@...wei.com>
To: James Morris <jmorris@...ei.org>,
        Tetsuo Handa
	<penguin-kernel@...ove.SAKURA.ne.jp>
CC: <linux-security-module@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
        <kernel-hardening@...ts.openwall.com>,
        Casey Schaufler
	<casey@...aufler-ca.com>,
        Christoph Hellwig <hch@...radead.org>,
        James Morris
	<james.l.morris@...cle.com>,
        Kees Cook <keescook@...omium.org>, Paul Moore
	<paul@...l-moore.com>,
        Stephen Smalley <sds@...ho.nsa.gov>
Subject: Re: [PATCH v2] LSM: Convert security_hook_heads into explicit array
 of struct list_head

On 30/05/17 13:32, James Morris wrote:

> This seems like pointless churn in security-critical code in anticipation 
> of features which are still in development and may not be adopted.
> 
> Is there a compelling reason to merge this now? (And I don't mean worrying 
> about non-existent compliers).

I propose to take this patch as part of those I will be submitting.
It took me some unplanned time to add support for hardened user copy,
but now it's done - at least to a point that I can test it without failures.

So I'm back on track to provide an example of the smalloc api and I can
also use Tetsuo's work (thanks again, btw).
This patch would be sandwiched between the smalloc ones and the LSM rework.

It can get merged when the rest (hopefully) is merged.

But I have a more prosaic question: since smalloc is affecting the
memory subsystem, can it still be merged through the security tree?

---
thanks, igor

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.