Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp3609606yba;
        Sat, 11 May 2019 15:10:28 -0700 (PDT)
X-Google-Smtp-Source: APXvYqzI+51EWDenLLepnqJ4sPlxCo/QNdVmSykkUHw3ypjewH5f0zGwBpuNiHHfFPn/rTVQVNvf
X-Received: by 2002:a63:295:: with SMTP id 143mr22924485pgc.279.1557612628766;
        Sat, 11 May 2019 15:10:28 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1557612628; cv=none;
        d=google.com; s=arc-20160816;
        b=znsrs2OGvYfZxEHUnYnr1So85wl+V8VYxEvbvnRrpi12WGLdE8wfaE6JmRYAoGlpH8
         FLi7fKz1nrZ39B2Hu2vlK/auaiH3m5mlAVOnJbfq0boLVEfxY7n9OyUqzGqEmMSjnncF
         xG7vlRKcyhPCGoZ4gvivT/3QzfES8l5RhBUn2OAgu4NqthFjnwzUxaGP1CtvjMUr4lSw
         WGWN2Bz0U3979RXXU6vFpd1rZ/788jii+oWdAR5YcbXCh2aXkYT26S92ZDmB0eFH5zks
         Udzlg4+WkC88BFuR9pqDJs4NinlcKYbHfvXM0/YBYHXdDr7Pw+fowNdOd+R1+zYifMMQ
         0Thg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-language
         :content-transfer-encoding:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:dkim-signature;
        bh=sVwX4Pbfsm9Uj9dzX0wgQUbE125Ae2WKACxSBlL18uM=;
        b=c5Fr7GmK90nac2OHe4OE24A2nFggk7dNq+1rxl/H/8VF7krG9mhqBPkEEQtWlyzrsR
         ULhReVZrJTqSPMhTO9gta2Nd5OhkLWHlDz0XLdLkdz7vfyYvcSHOw/8jQ8AuN4kg2XHG
         5ukQ230yC55wKv7DU3f7p4B3pBaWCPzbayWW9UfcaQ+2X5oO9o56/9PQDfDbbyXoj6bw
         S6On30lGk6hEKK10a3H+WQTQyF6yD89QReje368iz/IR/Zk13VJlwZWuGguMS5ExY7+m
         SxAG/QSroKDvSNpuSS7CWnYJRtbBYQeyA5kklBHoKmRfMXIpr3zDN5xBppFnWRfZt0l9
         xw3Q==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@yahoo.com header.s=s2048 header.b=mLIyO2y+;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id k186si15222308pfc.189.2019.05.11.15.10.12;
        Sat, 11 May 2019 15:10:28 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@yahoo.com header.s=s2048 header.b=mLIyO2y+;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726414AbfEKWI0 (ORCPT <rfc822;busarih159@gmail.com>
        + 99 others); Sat, 11 May 2019 18:08:26 -0400
Received: from sonic306-9.consmr.mail.bf2.yahoo.com ([74.6.132.48]:44735 "EHLO
        sonic306-9.consmr.mail.bf2.yahoo.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S1726348AbfEKWIZ (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 11 May 2019 18:08:25 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1557612504; bh=sVwX4Pbfsm9Uj9dzX0wgQUbE125Ae2WKACxSBlL18uM=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From:Subject; b=mLIyO2y+0hf+tMf08WsNSspCjkvy/eujQBOD9Np9spL9tvaQ5VpLT3X41qYJ6rqag/SX5jfVJalTRHw7L/dfOsdFju/c6HiWJtZIlBcV2DVhS3LPy3Vkb55Iwfh4/9UVxZyFahyNB+DNt0DOj2obyD15t9tqeK+yfIeMP5zEIThfrMycWR75kZMi72/Okt6YWD+ygLeAN8+kV/UJoKyCMayDfJmvpGu+SRKPvmTC375S7JeZMDYxUutYvuE8lOhElDrGkOw+oVWNx+IbxZ3l4nINTlMBC0aPfmdSCFWHmWWUtsBCWFVJ0OtVX7xj0Hih0VEvu5ZW/lPUrcs+jv5IWA==
X-YMail-OSG: ET_0JFYVM1mGTvVnpqtxwdc0ELvATxbKogTCBvQCzVy35Szp0cIPZojhdHVPHuL
 QiKRUGrrWIK94HpWvEiHk8XYLyGAjPmww7HIcSIB90hbCZ1nfhYLEAR3Dhm3OmNiuxz0giDnv2wq
 6h_PsfkXUIiVBZUHMBRczQnwsO4SmP4P3.uo8226rn1KxCVzXsxQW6kIFX1.4ExpzzsSBhVnKC3c
 IUpevFKflaeAIkqxoOgxLYzx5c6zQV6BaNZqPwwW9rj_rC.awj4HeslhuvXyIuu1.IVgDlfZ9Tjp
 AtsLzmLxltsFJ4Lb23tDIf75zUZbwJerlrCIXS18rquMieacBywIMEAwhxUKXszD65slnQGrnKqE
 4iu16exxfVHLu0aLgb4xmxgnkKMzbZstC7Wcx..vT5PY_2bDIZ6ZT41BPsfpIlHOdDmeT3t.vs.g
 l4kMb9USU3DAh7ba9a8vNoJL7hws8yIRlojUo1UdMCLYmoseQ_48A57NlhqPJRbJf2uH6Mpi08pB
 hku6MXdoZ_W4pKWJ46lwQJo59zthHwE4ueiyBksShjhAvB5KdQ7OIZXXTl1OBaOxhonCKDelu5Dh
 ONiYL1dKPP_ZP.YJhkBZrxEh4c9DAxDHbkx9W4y7WJD.z4i6_GJ8WiT5OlqlpCWN42GWhzVYBAV8
 .r23iMCg8MLoYCfyakCruPAGLgd9_k1rYxuWecrPBFeMFHIz0vK3cydVLfHVBjXagMqJd2cJ.W7J
 iMSBxdYY1cjZ03NaXZY2ju0ATd3Xo1xqUfzVVWorAzI5dxUb0TL0V6JZ4_ydniGfKeURzSHdjDDs
 W_B28q53izGN6rIuGlBEuPWXR4zakerVGauSt.fzCR7B3UjyljoY.YmCBZ5tOdfTfn60OQ6LNbE7
 diXGn1lq1PmAOrGf6_v1K8lJ9Bxf38UpD7rNOFNatnQNovTx5pL2bdLNUoAbsYXd.xooMJV9gada
 5ydGLcDg6D83Evmiv2vQzmTpou0hFoeXW5jP70b3g7oRsReMgypj3JX8SpRY3u4VCbyW9cafVDug
 tuERVjNSF6qxZM_spWHFUWoHivgvFY_Dwxy_GNheYq2gb_SECn9pcEUgTV8.GAyrp_v2gp4Dvnrm
 6d0uDMErAwurCyZajfhpRCQ5b5s_ZTX4WAQnO0VA2bKxPi0aYzxZjEI7XqTxsAuhVt0zqEW.IT1B
 RNFYYCk8Rs0ipXhMCkJxA2lW9qjTv8pR5HXlH91bo0s50JiPnXM93sc9E.WFnoPk3r8ztT8.UMhp
 AyOXqe8VxoNmKCfj0HTq4R2E-
Received: from sonic.gate.mail.ne1.yahoo.com by sonic306.consmr.mail.bf2.yahoo.com with HTTP; Sat, 11 May 2019 22:08:24 +0000
Received: from c-67-169-65-224.hsd1.ca.comcast.net (EHLO [192.168.0.103]) ([67.169.65.224])
          by smtp409.mail.bf1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 89f668ca3f757c7aa6565c3d3f390d4e;
          Sat, 11 May 2019 22:08:20 +0000 (UTC)
Subject: Re: [GIT PULL] security subsystem: Tomoyo updates for v5.2
To:     Paul Moore <paul@paul-moore.com>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        James Morris <jmorris@namei.org>
Cc:     LSM List <linux-security-module@vger.kernel.org>,
        Linux List Kernel Mailing <linux-kernel@vger.kernel.org>,
        casey@schaufler-ca.com
References: <alpine.LRH.2.21.1905110801350.9392@namei.org>
 <CAHk-=wg8UFHD_KmTWF3LMnDf_VN7cv_pofpc4eOHmx_8kmMPWw@mail.gmail.com>
 <CAHC9VhSSwYk6isqz8N3nOO_O17C30E2EyCHKf5OqsdESeMoT7g@mail.gmail.com>
From:   Casey Schaufler <casey@schaufler-ca.com>
Message-ID: <24d602d2-a1a7-7b1e-9035-a2d732cd822b@schaufler-ca.com>
Date:   Sat, 11 May 2019 15:08:07 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101
 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <CAHC9VhSSwYk6isqz8N3nOO_O17C30E2EyCHKf5OqsdESeMoT7g@mail.gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 5/11/2019 11:13 AM, Paul Moore wrote:
> On Sat, May 11, 2019 at 10:38 AM Linus Torvalds
> <torvalds@linux-foundation.org> wrote:
>> On Fri, May 10, 2019 at 6:09 PM James Morris <jmorris@namei.org> wrote:
>>> These patches include fixes to enable fuzz testing, and a fix for
>>> calculating whether a filesystem is user-modifiable.
>> So now these have been very recently rebased (on top of a random
>> merge-window "tree of the day" version) instead of having multiple
>> merges.
>>
>> That makes the history cleaner, but has its own issues.
>>
>> We really need to find a different model for the security layer patches.
> If it helps, the process I use for the SELinux and audit trees is
> documented below.  While it's far from perfect (I still don't like
> basing the -next trees on -rcX releases) it has seemed to work
> reasonably well for some time now.
>
> * https://github.com/SELinuxProject/selinux-kernel/blob/master/README.md

On the whole this looks fine to me. I am less comfortable than Paul
is regarding changes that happen elsewhere, so I would be more likely
to base in the rc-1 than Paul. More developers test with SELinux than
Smack. I am in the process of putting an appropriate GPG environment
together for 5.3.

The LSM infrastructure work I've been doing should still go through
James, as it has global implications.