Re: [PATCH v11 0/4] evm: Do HMAC of multiple per LSM xattrs for new inodes

From: Roberto Sassu
Date: Sat Jun 10 2023 - 04:01:43 EST

Next message: Jiri Pirko: "Re: [RFC PATCH v8 09/10] ptp_ocp: implement DPLL ops"
Previous message: Roberto Sassu: "[PATCH v12 4/4] evm: Support multiple LSMs providing an xattr"
In reply to: Paul Moore: "Re: [PATCH v11 0/4] evm: Do HMAC of multiple per LSM xattrs for new inodes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 6/9/2023 10:05 PM, Paul Moore wrote:

On Sat, Jun 3, 2023 at 3:16 PM Roberto Sassu
<roberto.sassu@xxxxxxxxxxxxxxx> wrote:

From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>

One of the major goals of LSM stacking is to run multiple LSMs side by side
without interfering with each other. The ultimate decision will depend on
individual LSM decision.

Several changes need to be made to the LSM infrastructure to be able to
support that. This patch set tackles one of them: gives to each LSM the
ability to specify one or multiple xattrs to be set at inode creation
time and, at the same time, gives to EVM the ability to access all those
xattrs and calculate the HMAC on them ...

Thanks for sticking with this Roberto, I see a few
comments/suggestions on this patchset, but overall it is looking
pretty good; I'm hopeful we will be able to merge the next revision.

Thanks for looking at it.

Just sent v12 with the suggestions. One is addressed with a different patch set (Smack transmute fixes).

Roberto

Next message: Jiri Pirko: "Re: [RFC PATCH v8 09/10] ptp_ocp: implement DPLL ops"
Previous message: Roberto Sassu: "[PATCH v12 4/4] evm: Support multiple LSMs providing an xattr"
In reply to: Paul Moore: "Re: [PATCH v11 0/4] evm: Do HMAC of multiple per LSM xattrs for new inodes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]