Re: [RFC] LSM deprecation / removal policies
From: Paul Moore <paul@paul-moore.com>
Date: 2025-05-05 20:11:54
On Fri, May 2, 2025 at 4:44 PM Casey Schaufler [off-list ref] wrote:
> On 5/2/2025 1:01 PM, Paul Moore wrote:
> > Hello all,
> >
> > We've worked in the past to document some of our policies and guidelines, the result can be seen at the link below (also listed in MAINTAINERS):
> >
> > - https://github.com/LinuxSecurityModule/kernel/blob/main/README.md
> >
> > However, one of the areas that has been missing from this guidance, are policies on deprecating and removing LSM hooks as well as LSMs themselves. In an effort to fix that, I've drafted two additional sections (below) and I would appreciate feedback from the LSM community as a whole on these sections. The LSM hook deprecation policy follows the undocumented process we've typically followed, and while we've never deprecated/removed a LSM, I believe the guidance documented here follows existing precedence.
> >
> > ## Removing LSM Hooks
> >
> > If a LSM hook is no longer used by any in-kernel LSMs, there is no ongoing work in progress involving the hook, and no expectation of future work that will use the hook, the LSM community may consider removal of the LSM hook. The decision to ultimately remove the LSM hook should balance ongoing maintenance and performance concerns with the social challenges of reintroducing the hook if it is needed at a later date.
>
> Should there also be a section
>
> ## Changing LSM hook interfaces
>
> The interface for an LSM hook may need to be changed for a number of reasons. ...

That's a good point, I'll add that to the TODO. Much like the LSM hook removal guidance, it should be fairly brief as I'll simply document the general practices we've followed thus far.

-- 
paul-moore.com