Re: [PATCH v4 08/19] Infrastructure management of the cred security blob

From: Kees Cook
Date: Fri Sep 21 2018 - 22:50:47 EST

Next message: Kees Cook: "Re: [PATCH v4 10/19] Smack: Abstract use of file security blob"
Previous message: Kees Cook: "Re: [PATCH v4 07/19] TOMOYO: Abstract use of cred security blob"
In reply to: Casey Schaufler: "[PATCH v4 08/19] Infrastructure management of the cred security blob"
Next in thread: Casey Schaufler: "[PATCH v4 10/19] Smack: Abstract use of file security blob"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Sep 21, 2018 at 5:18 PM, Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote:
> Move management of the cred security blob out of the
> security modules and into the security infrastructre.
> Instead of allocating and freeing space the security
> modules tell the infrastructure how much space they
> require.
>
> Signed-off-by: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>

When combined with my series, this gets slightly simpler:
- the double init call and the "finished" stuff goes away
- debugging output is controlled by "lsm.debug" param instead of a CONFIG

Regardless, for the overall logic, calculating the sizes, etc:

Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

-Kees

--
Kees Cook
Pixel Security

Next message: Kees Cook: "Re: [PATCH v4 10/19] Smack: Abstract use of file security blob"
Previous message: Kees Cook: "Re: [PATCH v4 07/19] TOMOYO: Abstract use of cred security blob"
In reply to: Casey Schaufler: "[PATCH v4 08/19] Infrastructure management of the cred security blob"
Next in thread: Casey Schaufler: "[PATCH v4 10/19] Smack: Abstract use of file security blob"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]