Received: by 10.192.165.156 with SMTP id m28csp1128552imm; Wed, 11 Apr 2018 12:59:46 -0700 (PDT) X-Google-Smtp-Source: AIpwx48rRzQ471swnc1rSVZ9d+pP2g8VMeri/qvvOmxZGURVjzhETehN920++Ybk2HyjMp6Y0aV7 X-Received: by 10.99.126.73 with SMTP id o9mr4471841pgn.168.1523476786445; Wed, 11 Apr 2018 12:59:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1523476786; cv=none; d=google.com; s=arc-20160816; b=pejobKY9+7zF7CLhVwSbQ1lIy9JvZjZrWPS5a45iFPnriCMmdl4P1oAcdOB12K0X7Z Vy84fFNEsdzjno23BzMJoFQplDCqBvOFjzwL179iXsL5uGgGtmUurD804eLDrTURhUTj XcmjUT0yYYcrL6P6b5c2Kz/Ox20ekWJydmMgues35pOZvhJ8hiumkAR5kjPZPnD5Hr7Z MBQaPfGJGgO+hT/zZ3gW/KEFotP87Fu8Fvob2jXu6LAKJIxFW6akrxMTeTaU9+D58UW3 EmszOv4a9g1428aIxRNuKHAjxc3SIV1vWnc3Rb+mJsWehp+BgROMp1sEGLOtMrxQicqj KPNA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=isBYj1qkrt6DFDeMBskvSGM2RPtsKocDy99isOKHXss=; b=p2dROHsOjwZLK5GFjWLvwW2Qh2uEh3YoeE+yWydzfesrAR7GJUNDPD73bWUti+gtwY 8FPrhj0xcgMl/yZRGqsDv3hnGRaikl49DP2LQTnyelmXk2wyK4L1YWTCC68Kv+rA3FL/ oe8kSBMkNHy1IDOzaUD0LApJeaMqTzGbEptZeIYpqBm60ujpm5kCQxFGJrayb7jhe0eu dbl4wHQjOGHh5B1rppuRgaYkN2aZWasrOsyBv5v+Sz39RiAICsDu0Fo39z0UXUb+UxJL O/Pv4nbU10AGeJpw5/qSRioBVeLv5FOvEs6t+7b4L7zUYDtWAN3LbaeilWLnrZZKH769 ZhnQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id s14si1294422pfh.220.2018.04.11.12.59.09; Wed, 11 Apr 2018 12:59:46 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756769AbeDKT40 (ORCPT + 99 others); Wed, 11 Apr 2018 15:56:26 -0400 Received: from mail.linuxfoundation.org ([140.211.169.12]:54462 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754702AbeDKT4Y (ORCPT ); Wed, 11 Apr 2018 15:56:24 -0400 Received: from localhost (LFbn-1-12247-202.w90-92.abo.wanadoo.fr [90.92.61.202]) by mail.linuxfoundation.org (Postfix) with ESMTPSA id 5773DBAA; Wed, 11 Apr 2018 19:56:23 +0000 (UTC) Date: Wed, 11 Apr 2018 21:56:15 +0200 From: Greg KH To: Miguel Ojeda Cc: Randy Dunlap , David Howells , Linus Torvalds , linux-man@vger.kernel.org, linux-api@vger.kernel.org, jmorris@namei.org, linux-kernel , linux-security-module@vger.kernel.org Subject: Re: [PATCH 01/24] Add the ability to lock down access to the running kernel image Message-ID: <20180411195615.GA6979@kroah.com> References: <152346387861.4030.4408662483445703127.stgit@warthog.procyon.org.uk> <152346388583.4030.15146667041427303547.stgit@warthog.procyon.org.uk> <6a37b428-d9fb-12d5-8d36-8a032984af8c@infradead.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.9.4 (2018-02-28) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Apr 11, 2018 at 08:50:00PM +0200, Miguel Ojeda wrote: > On Wed, Apr 11, 2018 at 7:37 PM, Randy Dunlap wrote: > > On 04/11/2018 09:24 AM, David Howells wrote: > > > >> diff --git a/security/lock_down.c b/security/lock_down.c > >> new file mode 100644 > >> index 000000000000..f35ffdd096ad > >> --- /dev/null > >> +++ b/security/lock_down.c > >> @@ -0,0 +1,65 @@ > >> +/* Lock down the kernel > >> + * > >> + * Copyright (C) 2016 Red Hat, Inc. All Rights Reserved. > >> + * Written by David Howells (dhowells@redhat.com) > >> + * > >> + * This program is free software; you can redistribute it and/or > >> + * modify it under the terms of the GNU General Public Licence > >> + * as published by the Free Software Foundation; either version > >> + * 2 of the Licence, or (at your option) any later version. > > > > fsf.org spells that Licence word as License. :) > > Given this is a new file, simply use the SPF identifier on top. checkpatch.pl should now check for this as well.