Re: [PATCH v7 2/6] ocfs2: Switch to security_inode_init_security()

[PATCH v7 0/6] evm: Do HMAC of multiple per LSM xattrs for new inodes · Roberto Sassu <hidden> · 2022-12-01
[PATCH v7 1/6] reiserfs: Switch to security_inode_init_security() · Roberto Sassu <hidden> · 2022-12-01
Re: [PATCH v7 1/6] reiserfs: Switch to security_inode_init_security() · Mimi Zohar <zohar@linux.ibm.com> · 2023-02-17
[PATCH v7 2/6] ocfs2: Switch to security_inode_init_security() · Roberto Sassu <hidden> · 2022-12-01
Re: [PATCH v7 2/6] ocfs2: Switch to security_inode_init_security() · Roberto Sassu <hidden> · 2023-01-10
Re: [PATCH v7 2/6] ocfs2: Switch to security_inode_init_security() · Paul Moore <paul@paul-moore.com> · 2023-01-12
Re: [PATCH v7 2/6] ocfs2: Switch to security_inode_init_security() · Roberto Sassu <hidden> · 2023-02-08
Re: [PATCH v7 2/6] ocfs2: Switch to security_inode_init_security() · Paul Moore <paul@paul-moore.com> · 2023-02-09
Re: [PATCH v7 2/6] ocfs2: Switch to security_inode_init_security() · Joseph Qi <joseph.qi@linux.alibaba.com> · 2023-02-21
Re: [PATCH v7 2/6] ocfs2: Switch to security_inode_init_security() · Roberto Sassu <hidden> · 2023-02-21
Re: [PATCH v7 2/6] ocfs2: Switch to security_inode_init_security() · Mimi Zohar <zohar@linux.ibm.com> · 2023-02-17
Re: [PATCH v7 2/6] ocfs2: Switch to security_inode_init_security() · Mimi Zohar <zohar@linux.ibm.com> · 2023-02-17
Re: [PATCH v7 2/6] ocfs2: Switch to security_inode_init_security() · Roberto Sassu <hidden> · 2023-02-20
Re: [PATCH v7 2/6] ocfs2: Switch to security_inode_init_security() · Mimi Zohar <zohar@linux.ibm.com> · 2023-02-20
Re: [PATCH v7 2/6] ocfs2: Switch to security_inode_init_security() · Roberto Sassu <hidden> · 2023-02-20
Re: [PATCH v7 2/6] ocfs2: Switch to security_inode_init_security() · Mimi Zohar <zohar@linux.ibm.com> · 2023-02-20
Re: [PATCH v7 2/6] ocfs2: Switch to security_inode_init_security() · Roberto Sassu <hidden> · 2023-02-20
[PATCH v7 3/6] security: Remove security_old_inode_init_security() · Roberto Sassu <hidden> · 2022-12-01
Re: [PATCH v7 3/6] security: Remove security_old_inode_init_security() · Mimi Zohar <zohar@linux.ibm.com> · 2023-02-19
[PATCH v7 4/6] security: Allow all LSMs to provide xattrs for inode_init_security hook · Roberto Sassu <hidden> · 2022-12-01
Re: [PATCH v7 4/6] security: Allow all LSMs to provide xattrs for inode_init_security hook · Mimi Zohar <zohar@linux.ibm.com> · 2023-02-20
[PATCH v7 5/6] evm: Align evm_inode_init_security() definition with LSM infrastructure · Roberto Sassu <hidden> · 2022-12-01
Re: [PATCH v7 5/6] evm: Align evm_inode_init_security() definition with LSM infrastructure · Mimi Zohar <zohar@linux.ibm.com> · 2023-02-19
[PATCH v7 6/6] evm: Support multiple LSMs providing an xattr · Roberto Sassu <hidden> · 2022-12-01
Re: [PATCH v7 6/6] evm: Support multiple LSMs providing an xattr · Mimi Zohar <zohar@linux.ibm.com> · 2023-02-19
Re: [PATCH v7 6/6] evm: Support multiple LSMs providing an xattr · Roberto Sassu <hidden> · 2023-02-20
Re: [PATCH v7 6/6] evm: Support multiple LSMs providing an xattr · Mimi Zohar <zohar@linux.ibm.com> · 2023-02-20
Re: [PATCH v7 0/6] evm: Do HMAC of multiple per LSM xattrs for new inodes · Paul Moore <paul@paul-moore.com> · 2023-01-12
Re: [PATCH v7 0/6] evm: Do HMAC of multiple per LSM xattrs for new inodes · Roberto Sassu <hidden> · 2023-01-13
Re: [PATCH v7 0/6] evm: Do HMAC of multiple per LSM xattrs for new inodes · Paul Moore <paul@paul-moore.com> · 2023-03-08
Re: [PATCH v7 0/6] evm: Do HMAC of multiple per LSM xattrs for new inodes · Roberto Sassu <hidden> · 2023-03-09

From: Paul Moore <paul@paul-moore.com>
Date: 2023-02-09 21:06:07
Also in: linux-integrity, lkml, ocfs2-devel, selinux

On Wed, Feb 8, 2023 at 9:33 AM Roberto Sassu
[off-list ref] wrote:

On Thu, 2023-01-12 at 12:21 -0500, Paul Moore wrote:

quoted

On Tue, Jan 10, 2023 at 3:56 AM Roberto Sassu
[off-list ref] wrote:

quoted

On Thu, 2022-12-01 at 11:41 +0100, Roberto Sassu wrote:

quoted

From: Roberto Sassu <roberto.sassu@huawei.com>

In preparation for removing security_old_inode_init_security(), switch to
security_inode_init_security().

Extend the existing ocfs2_initxattrs() to take the
ocfs2_security_xattr_info structure from fs_info, and populate the
name/value/len triple with the first xattr provided by LSMs.

Hi Mark, Joel, Joseph

some time ago I sent this patch set to switch to the newer
function security_inode_init_security(). Almost all the other parts of
this patch set have been reviewed, and the patch set itself should be
ready to be merged.

I kindly ask if you could have a look at this patch and give your
Reviewed-by, so that Paul could take the patch set.

I've been pushing to clean up some of the LSM interfaces to try and
simplify things and remove as many special cases as possible,
Roberto's work in this patchset is part of that.  I would really
appreciate it if the vfs/ocfs2 folks could give patch 2/6 a quick look
to make sure you are okay with the changes.

I realize that the various end-of-year holidays tend to slow things
down a bit, but this patchset has been on the lists for over a month
now; if I don't hear anything in the next week or two I'll assume you
folks are okay with these patches ...

Hi Paul

is this patch set going to land in 6.3?

Hi Roberto,

I had really hoped the vfs/ocfs2 folks would have commented on this by
now, but it's been over two months now with no comments that I can see
so I think we have to do it ourselves via the LSM tree.  It's
obviously too late for the upcoming merge window, so no v6.3, but I
think we can merge it *after* the upcoming merge window closes,
assuming we get ACKs from Mimi on the EVM bits (I still need to review
it too, but I'm not expecting anything too bad).

-- 
paul-moore.com

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help