Re: [PATCH v6 7/8] module: replace the existing LSM hook in init_module

From: Mimi Zohar
Date: Mon Jul 16 2018 - 09:52:54 EST

Next message: Dan Carpenter: "Re: [PATCH 04/18] staging: gasket: device registration error and unregister fixups"
Previous message: Kevin Hilman: "Re: [PATCH v2] ARM64: dts: meson-axg: add saradc support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, 2018-07-14 at 19:30 -0700, Kees Cook wrote:
> On Fri, Jul 13, 2018 at 11:06 AM, Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote:
> > Both the init_module and finit_module syscalls call either directly
> > or indirectly the security_kernel_read_file LSM hook. This patch
> > replaces the direct call in init_module with a call to the new
> > security_kernel_load_data hook and makes the corresponding changes
> > in SELinux, LoadPin, and IMA.
> >
> > Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
> > Cc: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
> > Cc: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
> > Cc: Kees Cook <keescook@xxxxxxxxxxxx>
> > Acked-by: Jessica Yu <jeyu@xxxxxxxxxx>
> > Acked-by: Paul Moore <paul@xxxxxxxxxxxxxx>
>
> Acked-by: Kees Cook <keescook@xxxxxxxxxxxx>
>
> Thanks!

Thank you for reviewing/ack'ing all the patches, not just this one.

Mimi

Next message: Dan Carpenter: "Re: [PATCH 04/18] staging: gasket: device registration error and unregister fixups"
Previous message: Kevin Hilman: "Re: [PATCH v2] ARM64: dts: meson-axg: add saradc support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]