Received: by 2002:ac0:a582:0:0:0:0:0 with SMTP id m2-v6csp1266506imm; Thu, 4 Oct 2018 10:40:42 -0700 (PDT) X-Google-Smtp-Source: ACcGV61bubFK3Um+uC+u2MFdaFZdSN6+8X7A9vxY2Bhunu2Am+GmDMrP7vKnuyuKJF1qco/i+rb8 X-Received: by 2002:a17:902:8481:: with SMTP id c1-v6mr7834198plo.158.1538674842428; Thu, 04 Oct 2018 10:40:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1538674842; cv=none; d=google.com; s=arc-20160816; b=LJRxQ2KZuT9fQ2vdicFzbxlJXsHA3f+ECwAQ83SNGavMF/nSrToR9udRR4y0GXU3o3 dYIjNKLVjOvNU4Y48U+4Qys9QptAbA7TwrlUv9CdH9Qm+rPruRTPCxSz3Sv6t6i2+pgY TIi5K8CGmFLS/mU/GXwNRKiJfGocZMNjbcYSAWMeEBWl+s1VHlQ8lAgEgXrAvNSoWEmb 0K8mcVj/gH+YOhftoSXgDpEwn20nYGd9+HVhyBaOuFOwRTGTUpeZh9Um2l7if3BVX5sI Zf3gvnMRiP5LOX4xI1s1TLwt16mdKJ0d6YapghnMtAenyxCdTbqo9599TV/MvM6GM4GP Mgtw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :feedback-id:references:in-reply-to:message-id:subject:reply-to:cc :from:to:dkim-signature:date; bh=8uU5QQ2b9KO3PhUvWfZ6Cnm0d+dG9nn5PeLFu3rcOgY=; b=u0vsjzANKh50uYDPApygrat2OoDFqL6Mx9OZIfwikY8oRHnjnvrs5xII/CD0lPJdyC wPTnEBIcdVedBcmDnxI43rLRcnvzbTbaxV8I1VY7Fu0zdSiVKfEv5rG7rYZ0MphHQw4c ADZC/IhiTgBl5Ke6iXa1mn8Ls9hT07ZCPWgs0En5atI7kF31/6ZXt8/acJ+xXPeavqwz TM9g7XazeJWaEQBbaxKIZMe/5+lJP67a+sQyxmz4pn3Yf5gKMf18QF++bWCL4YEIvJK/ b7NHBXZLDxmE6EUphGY4UVpogz9SfPE8gS5c40bHGMvMANC4hiRC21Oym2Ws7Eqv3I1Y G41g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@protonmail.ch header.s=default header.b=Lw8OaODQ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.ch Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id e4-v6si5595341pfa.274.2018.10.04.10.40.26; Thu, 04 Oct 2018 10:40:42 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@protonmail.ch header.s=default header.b=Lw8OaODQ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.ch Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727551AbeJEAei (ORCPT + 99 others); Thu, 4 Oct 2018 20:34:38 -0400 Received: from mail-40136.protonmail.ch ([185.70.40.136]:15728 "EHLO mail-40136.protonmail.ch" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727406AbeJEAeh (ORCPT ); Thu, 4 Oct 2018 20:34:37 -0400 Date: Thu, 04 Oct 2018 17:40:15 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.ch; s=default; t=1538674817; bh=8uU5QQ2b9KO3PhUvWfZ6Cnm0d+dG9nn5PeLFu3rcOgY=; h=Date:To:From:Cc:Reply-To:Subject:In-Reply-To:References: Feedback-ID:From; b=Lw8OaODQkZaOqjzu1is8k4KTq0qqqgHLLE1paU8WDZ7q/IXiCJIRVS8YidiI8foRn hOEHmhBRi2y+miMUASegJkH6zy5sTHkgFepIVDi4X2hIGDG4SSUhCccK3JM8HhcBQR 4weFhtj5NBJGYD7J/lliak7XUzkc9UYqq1mVVmpw= To: Kees Cook From: Jordan Glover Cc: John Johansen , James Morris , Stephen Smalley , Paul Moore , Casey Schaufler , Tetsuo Handa , "Schaufler, Casey" , linux-security-module , Jonathan Corbet , linux-arch , LKML Reply-To: Jordan Glover Subject: Re: [PATCH security-next v4 23/32] selinux: Remove boot parameter Message-ID: In-Reply-To: References: <20181002005505.6112-1-keescook@chromium.org> <5955f5ce-b803-4f58-8b07-54c291e33da5@canonical.com> Feedback-ID: QEdvdaLhFJaqnofhWA-dldGwsuoeDdDw7vz0UPs8r8sanA3bIt8zJdf4aDqYKSy4gJuZ0WvFYJtvq21y6ge_uQ==:Ext:ProtonMail MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-0.6 required=7.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM, FREEMAIL_REPLYTO_END_DIGIT autolearn=no autolearn_force=no version=3.4.0 X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mail.protonmail.ch Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Sent with ProtonMail Secure Email. =E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90 Original Me= ssage =E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90 On Thursday, October 4, 2018 6:18 PM, Kees Cook wro= te: > > I don't want to overload "security=3D", but we can if we want. It would > be as above, but a trailing comma would be needed to trigger the > "ordering" behavior. e.g. "security=3Dselinux" would disable all other > majors (retaining the current behavior), but "security=3Dselinux," would > disable all other LSMs. > > -Kees > > I don't think giving such big impact to trailing comma is good idea :) Jordan