On Thu, Jun 6, 2019 at 12:09 PM Casey Schaufler [off-list ref] wrote:

On 6/6/2019 10:18 AM, Andy Lutomirski wrote:

quoted

On Thu, Jun 6, 2019 at 8:06 AM David Howells [off-list ref] wrote:

quoted

Andy Lutomirski [off-list ref] wrote:

quoted

Casey, I think you need to state your requirement in a way that's well
defined, and I think you need to make a compelling case that your
requirement is indeed worth dictating the design of parts of the
kernel outside LSM.

Err, no, I don't believe so. There's a whole lot more
going on in this discussion than just what's going on
within the LSMs. Using examples from the LSMs makes it
easier, because their policies are better defined than
the "legacy" policies are. The most important part of the
discussion is about ensuring that the event mechanism
doesn't circumvent the legacy policies. Yes, I understand
that you don't know what that means, or has to do with
anything.

Indeed, I do not know what you have in mind about making sure this
mechanism doesn't circumvent legacy policies.  Can you elaborate?

--Andy