Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp1034569ybi; Fri, 21 Jun 2019 12:30:54 -0700 (PDT) X-Google-Smtp-Source: APXvYqzFij1Ht0yQa/qyCKcDZ5JKz9Dkv/BFCcJXfEIKYkIQPXjE/etpAj5rB/0Zhcirau10K6FY X-Received: by 2002:a63:fb4b:: with SMTP id w11mr19934642pgj.415.1561145453854; Fri, 21 Jun 2019 12:30:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561145453; cv=none; d=google.com; s=arc-20160816; b=hhCiA5q9AoBEzpVRmwRVsNdj6w4RzM26U0ouOcT6DJuxrmitzUzgMulbzRCSOT4HHw 8UD91X3onNVZFc6Kr7UWv1Gn40CHKA/VlxJ2kdFXhofeRs9nuxJ442GcQNhLUeclsWVC 8sxFnIdCh1fAO/SwRBVm7yiVz3hw4fADhxRH38CaoJQB4kPq043ccXJT/YRB/61yzun2 X+5ZEf2zinSsmTJjsNy2LRDvrzQXoLqpJTyPLtfcoqkpA/q1ixylYMsJ9QYsbo/3Zhv1 OSdx3Y656UmsWpucG3qUj+R5n205dQEk/KI7kj4cMMYvnho9N1GCqoMKCN3e/B5UpXRD 7jtw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=WJl5y4V8VgS7JZxlv11fQ6wHrOa/T1ru3Q+ysKKp/3w=; b=U7kWonaDvbbyJoNQBwuZQpC/zvIP7Bsb+IHJQlrsDgVb2uvjIlU7cBWMK27SV6UG2J yswQnhuNd/ezsIaywKVwrOJZssN1G4KpnF8mUdbw+RpqsEDsTKkw6rxlrc3kTgphFBiG jP5GymKxJ3i0dormd4N1unn+QyYw6cMhW2LHxh0XEGjL8372VXmVGn2Og/dippzm/wth npRtxcCqWAMPZ+/RvOQ/KGP+60faJ24SUAyyBWhi/BJJAHyOgKjd/ylxdErBI7U5jgyV zU8O4VsY/v91coGjuhFVLuIE+bg18fVBWN9LX5Nud+h+AZkcdgsiI6vbTtylxVoKZ8Qf nAAQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=kjFTZ8Ai; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d9si3288584pgj.505.2019.06.21.12.30.37; Fri, 21 Jun 2019 12:30:53 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=kjFTZ8Ai; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726183AbfFUT31 (ORCPT + 99 others); Fri, 21 Jun 2019 15:29:27 -0400 Received: from mail-io1-f49.google.com ([209.85.166.49]:42176 "EHLO mail-io1-f49.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725992AbfFUT31 (ORCPT ); Fri, 21 Jun 2019 15:29:27 -0400 Received: by mail-io1-f49.google.com with SMTP id u19so1199976ior.9 for ; Fri, 21 Jun 2019 12:29:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=WJl5y4V8VgS7JZxlv11fQ6wHrOa/T1ru3Q+ysKKp/3w=; b=kjFTZ8AiEb8WRwbQHtL2VjEfY4qz+tHy2NO/qwJ2qerHZehrPZZKALXI+/JDQlMAFH zvM6lqyG26h0Mjmj8pE3lcIPPeqWSRks8nK/hAQGyaiZsdXeDq8egvGZZE0AzNmyfGnb xv4W3G1tCKbUC/KlrtmWVxx/jFipAx5geNspxTUXuTVJjkZCi/+0+0dL9sjN78ydhiHs gxGHy2ZEVlznzm+YBKesFBZOv8q9uh9prCQt82ejjEUxddEb62inj9bzMDfeMLYf105c JnAZfNAEyu2Un6JYvvZ5N0gHwqW1RI6dVz6mbHAGE4zKfxPHYYJwLbYfDtGastjNfnhY WZCQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=WJl5y4V8VgS7JZxlv11fQ6wHrOa/T1ru3Q+ysKKp/3w=; b=rJXriCydXICy+vyuUfuhCOFOUh7e1i8iNa4X7Wc95wl9kbCg1IxTcRJw/D98sqthPe e6gXgniCUM4zPKvcnek+gjv8+KqLEgZb9yeOz7FYr5XMCl5Bohh0D6E/1LntSA29Wxcl HFPh0nLkp0XQo/FdxjQCVD5Jg43JORxYoCM++FwUyYjlRWQjYEQbSaOnrzrQzp0j8rx+ Aa8XHTK5gLrNkyvTWZQp7PP37QMbT/zVtiEY+h8zxt/mMOrGFVahPteu6gWroykE2kKw 4CbrfbjeN1V1bDu2nk0dcw8l73Juzz9BM80NvgBV6ZOKAUygD2bGabaWwBUXmyCU1djs DcuQ== X-Gm-Message-State: APjAAAX9kBeJ927MsDXzRQCgGFZ5Za8BcvZ9l9mI8yff83PR7CAL1uv8 3uNbvrfTsnG49RfeUcC9ireYacWHRH4gb/Hl+44UmQ== X-Received: by 2002:a02:914c:: with SMTP id b12mr27661552jag.105.1561145365939; Fri, 21 Jun 2019 12:29:25 -0700 (PDT) MIME-Version: 1.0 References: <20190621011941.186255-1-matthewgarrett@google.com> <20190621011941.186255-3-matthewgarrett@google.com> <201906202022.B09ED6E0@keescook> In-Reply-To: <201906202022.B09ED6E0@keescook> From: Matthew Garrett Date: Fri, 21 Jun 2019 12:29:15 -0700 Message-ID: Subject: Re: [PATCH V33 02/30] security: Add a "locked down" LSM hook To: Kees Cook Cc: James Morris , Linux Kernel Mailing List , Linux API Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Jun 20, 2019 at 8:23 PM Kees Cook wrote: > bikeshed: can this just be called "security_locked_down" without the > "is"? Sure.