Re: [PATCH v14 0/3] Add trusted_for(2) (was O_MAYEXEC)

[PATCH v14 0/3] Add trusted_for(2) (was O_MAYEXEC) · Mickaël Salaün <mic@digikod.net> · 2021-10-08
[PATCH v14 1/3] fs: Add trusted_for(2) syscall implementation and related sysctl · Mickaël Salaün <mic@digikod.net> · 2021-10-08
[PATCH v14 2/3] arch: Wire up trusted_for(2) · Mickaël Salaün <mic@digikod.net> · 2021-10-08
[PATCH v14 3/3] selftest/interpreter: Add tests for trusted_for(2) policies · Mickaël Salaün <mic@digikod.net> · 2021-10-08
Re: [PATCH v14 3/3] selftest/interpreter: Add tests for trusted_for(2) policies · Kees Cook <hidden> · 2021-10-08
Re: [PATCH v14 0/3] Add trusted_for(2) (was O_MAYEXEC) · Kees Cook <hidden> · 2021-10-08
Re: [PATCH v14 0/3] Add trusted_for(2) (was O_MAYEXEC) · Andrew Morton <akpm@linux-foundation.org> · 2021-10-10
Re: [PATCH v14 0/3] Add trusted_for(2) (was O_MAYEXEC) · Mickaël Salaün <mic@digikod.net> · 2021-10-11
Re: [PATCH v14 0/3] Add trusted_for(2) (was O_MAYEXEC) · Andrew Morton <akpm@linux-foundation.org> · 2021-10-11

From: Kees Cook <hidden>
Date: 2021-10-08 22:47:43
Also in: linux-api, linux-fsdevel, linux-security-module, lkml

On Fri, Oct 08, 2021 at 12:48:37PM +0200, Mickaël Salaün wrote:

This patch series is mainly a rebase on v5.15-rc4 with some cosmetic
changes suggested by Kees Cook.  Andrew, can you please consider to
merge this into your tree?

Thanks for staying on this series! This is a good step in the right
direction for finally plugging the "interpreter" noexec hole. I'm pretty
sure Chrome OS will immediately use this as they've been carrying
similar functionality for a long time.

-- 
Kees Cook

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help