Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp1298241ybi;
        Fri, 12 Jul 2019 13:13:39 -0700 (PDT)
X-Google-Smtp-Source: APXvYqyZ2a1oMVB129bgKpVUUalo9MBt9RCER43PpLEMBQSE6Sf55px4DV/13bfol8HyV/pMNa5S
X-Received: by 2002:a65:44ca:: with SMTP id g10mr12766157pgs.435.1562962419631;
        Fri, 12 Jul 2019 13:13:39 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1562962419; cv=none;
        d=google.com; s=arc-20160816;
        b=I1K2ebwV0I1d3chBHkq58fcxfAiD+mlcknEtbD8bPQhej2H8IJLX9YZyyHkEfCHSIB
         CgMRos0QO3wNba5lgVmiLeCe4U0sclyFurrRJobxwYW/o5w3v5Dly/ppzEfkspkdjjfb
         H9rAQ7vRZIsDK9SBi4bzemQMDL+SiIjDDLc5W+TPCKmIvaVxK2fqvtjOiD6rFxU6JALO
         E0cVFkeGe9hvdmvE44XXuEnleNTPu3UEIHCUuJ3vodqm2d0Iwq1RQM+Bs/7o+vbda+9Z
         IcRLaBlNERbFDx7if9onHHioA0ECzOP3wta/DIvrditEUI25aF0oDFUT3in1DpPbh4Hg
         1XBQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:mime-version:user-agent:references
         :message-id:in-reply-to:subject:cc:to:from:date;
        bh=trhL7A9sCgdsCg3E68v9PSH6O7j6N+ey6WakXVWSTGY=;
        b=XnGEECBktyX3/Z5pAFSs/tIr5gX1WrG7WK3yeNZ+aWMml/wYeEKngn+HS9f+wTouMP
         HRQm2hSuAXX8cu8pNQtWp87qpIm98pia1YY/Rv2hN8d6paAc63uEjdg8ZsU1A4f4us9F
         gzb8fQJOq0EY06IIVTrN8SWF61so/yLDJLTKqKnA6aFsVeiBOm2oE5eOelKAC7BLqr/q
         zmaYNuIDs1N3fxiH9bHgD7uDmQAUd7xhmJqkYatjz+bBf20pwrTCugnp34QJDt3j7wnv
         oUIZNjb+Py/F/JJuyCY/wDrhbnpHBlEmPvtbkjeWZE5LVycWRZGO6bhjIeXDatySpqFi
         JRFA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id p12si9104545pgj.437.2019.07.12.13.13.21;
        Fri, 12 Jul 2019 13:13:39 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727563AbfGLUNA (ORCPT <rfc822;daisukeokaopensource@gmail.com>
        + 99 others); Fri, 12 Jul 2019 16:13:00 -0400
Received: from namei.org ([65.99.196.166]:34928 "EHLO namei.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1727487AbfGLUNA (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 12 Jul 2019 16:13:00 -0400
Received: from localhost (localhost [127.0.0.1])
        by namei.org (8.14.4/8.14.4) with ESMTP id x6CKBdwI009529;
        Fri, 12 Jul 2019 20:11:40 GMT
Date:   Sat, 13 Jul 2019 06:11:39 +1000 (AEST)
From:   James Morris <jmorris@namei.org>
To:     David Howells <dhowells@redhat.com>
cc:     viro@zeniv.linux.org.uk, Casey Schaufler <casey@schaufler-ca.com>,
        Stephen Smalley <sds@tycho.nsa.gov>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        nicolas.dichtel@6wind.com, raven@themaw.net,
        Christian Brauner <christian@brauner.io>,
        keyrings@vger.kernel.org, linux-usb@vger.kernel.org,
        linux-security-module@vger.kernel.org,
        linux-fsdevel@vger.kernel.org, linux-api@vger.kernel.org,
        linux-block@vger.kernel.org, linux-security-module@vger.kernel.org,
        linux-kernel@vger.kernel.org
Subject: Re: [PATCH 1/6] security: Add hooks to rule on setting a superblock
 or mount watch [ver #5]
In-Reply-To: <156173702349.15650.1484210092464492434.stgit@warthog.procyon.org.uk>
Message-ID: <alpine.LRH.2.21.1907130611040.4685@namei.org>
References: <156173701358.15650.8735203424342507015.stgit@warthog.procyon.org.uk> <156173702349.15650.1484210092464492434.stgit@warthog.procyon.org.uk>
User-Agent: Alpine 2.21 (LRH 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, 28 Jun 2019, David Howells wrote:

> Add security hooks that will allow an LSM to rule on whether or not a watch
> may be set on a mount or on a superblock.  More than one hook is required
> as the watches watch different types of object.
> 
> Signed-off-by: David Howells <dhowells@redhat.com>
> cc: Casey Schaufler <casey@schaufler-ca.com>
> cc: Stephen Smalley <sds@tycho.nsa.gov>
> cc: linux-security-module@vger.kernel.org
> ---
> 
>  include/linux/lsm_hooks.h |   16 ++++++++++++++++
>  include/linux/security.h  |   10 ++++++++++
>  security/security.c       |   10 ++++++++++
>  3 files changed, 36 insertions(+)


Acked-by: James Morris <jamorris@linux.microsoft.com>


-- 
James Morris
<jmorris@namei.org>