Received: by 2002:a25:824b:0:0:0:0:0 with SMTP id d11csp2410228ybn; Thu, 26 Sep 2019 11:26:08 -0700 (PDT) X-Google-Smtp-Source: APXvYqyRKdQmXACLcgw0D/WoUhAyG/zvSDD1Na3IkU1NE8Vv7SlCPQmZEBQXSG48k1MAacIt85mA X-Received: by 2002:a17:906:5644:: with SMTP id v4mr4404836ejr.52.1569522368451; Thu, 26 Sep 2019 11:26:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1569522368; cv=none; d=google.com; s=arc-20160816; b=MjFvUmBJEC3KnjbbhfJ8PyjF8z4mWXT4/utvVSgUCmrCa3diq8run59EnxlNLcDAIa GX06i/qwsfJWH6FLeWrWD7PB76syZWhnvXdlsBJZSRCLgvPc0RLJyBDgXwMQCB9M9jeG Uqqm4Tw4pitZKtyJGiDJUTDa/bgNdeFiBAe5YVAQZ/jlnkisnqd7RcFwe/691PlT4MBy fYFGfwsRwImrT6L/WXWAlCvSSOBz87GBF6ij2+z2K3JxUnaIso7jp6BTtghW2l+scrQ3 oNAomAdpNfoMc8t1gYNYpuRGmbwFaKs2AF6MucYyvbgqF7yLkTUNlZpSBs08o255grod mSRg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=rrcu3G8Duy/FeUjbYtKJnhs5/UkfjjDxGs8XQQZjFoU=; b=SmGtzcVgugyfZS/W8qOCvJQPvLcI0yoYcbBCci1bmqEHGphlAdgUmIq/ZHSiMFmUdO qYTndWR1Aiw1xBbWHw9hri+/1wlvJKNIAj1JsnY2BCf9vgc5lBZBK9bz2VCMJHVw1lBS EgW5kystue01lQIUae80nfdUqK1v5AnNXOBUh3ed2zSSwnhIlRsWe0bQJmOiIqyPLEDp pgY7N9cv8MWHh+8toag/jzbD8W7ZzU10rejVw+w2fa6jp/QMfZUaWKkT8ShbTpsZDM5T cNGjQ8qPCy00lgS1BnvdwIjf54HtROPD7NW3yZrpAU5UITVy8Z9q398BbECassvtJpcv J+CQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=gzGIbnTB; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j18si1535620ejv.201.2019.09.26.11.25.44; Thu, 26 Sep 2019 11:26:08 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=gzGIbnTB; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728202AbfIZSVy (ORCPT + 99 others); Thu, 26 Sep 2019 14:21:54 -0400 Received: from mail-lf1-f65.google.com ([209.85.167.65]:35556 "EHLO mail-lf1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727899AbfIZSVy (ORCPT ); Thu, 26 Sep 2019 14:21:54 -0400 Received: by mail-lf1-f65.google.com with SMTP id w6so2450537lfl.2 for ; Thu, 26 Sep 2019 11:21:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=rrcu3G8Duy/FeUjbYtKJnhs5/UkfjjDxGs8XQQZjFoU=; b=gzGIbnTBRa0MWz7TFhp8ocJz4Lh2yp/shAcSeubrA6fuXKkzxeQIMSMNUPYdBFXJYn /j0pV7SWgvNqO2g+oiezYX4Vi4visN26kdNsSZ+7eBfZXMOInvLGEWdmfAdWBQVuPnk5 706kND9Z6EULVBwuXFq61uGYcokd+0OZjjggU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=rrcu3G8Duy/FeUjbYtKJnhs5/UkfjjDxGs8XQQZjFoU=; b=rfUUzcx4Ls4+aW4nLeW2jQTqtvpuv/gwpM1sCaINbLbH+0QYfNHxs8eqfNahxyTnWi 0O7Vt3Lt/OTooCSzQClWN0XcFTzflbDKhgSkm1mKCWaSBHgavXSPAZTjxQ+wl4Ot3USz mdGpQz++RJILOiDIc2pCh4XAlHSj7RF8z5HzhvigYLyZrCN4tfw5Lwhu21Z6/Z5okiH7 HLLaqmmsPztqIyD2QvK7pTf0d5lzG85HL2WDRN7BDDNXyII85yLSolPlus68ifpK4BVE kpxAHeE7VwGDYSP0IrySFtdbgE05CLkmJjBpPi4Sm/k8jWvWWxJtUNbsTBcL5jduhfYg efsQ== X-Gm-Message-State: APjAAAWkcmMcJuCjpXP9UYHdi3dGCBnp/P5hj36wcciEFzvhKSvi6wNS KHuR7iFR78L6rb39Q5N8wodFN9NE9zs= X-Received: by 2002:ac2:44d2:: with SMTP id d18mr3196302lfm.67.1569522111844; Thu, 26 Sep 2019 11:21:51 -0700 (PDT) Received: from mail-lf1-f41.google.com (mail-lf1-f41.google.com. [209.85.167.41]) by smtp.gmail.com with ESMTPSA id s7sm704457ljs.16.2019.09.26.11.21.49 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 26 Sep 2019 11:21:50 -0700 (PDT) Received: by mail-lf1-f41.google.com with SMTP id d17so2424519lfa.7 for ; Thu, 26 Sep 2019 11:21:49 -0700 (PDT) X-Received: by 2002:a19:2489:: with SMTP id k131mr3025988lfk.52.1569522109593; Thu, 26 Sep 2019 11:21:49 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Linus Torvalds Date: Thu, 26 Sep 2019 11:21:33 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [GIT PULL] SafeSetID LSM changes for 5.4 To: Micah Morton Cc: James Morris , Jann Horn , Bart Van Assche , "Paul E. McKenney" , Linux Kernel Mailing List , linux-security-module Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Sep 23, 2019 at 8:31 PM Micah Morton wrote: > > The best way I know of ensuring this is > for me to personally run the SafeSetID selftest (in > tools/testing/selftests/safesetid/) every release, regardless of > whether we make any changes to SafeSetID itself. Does this sound > sufficient or are there more formal guidelines/processes here that I'm > not aware of? I think that would help, but I wopuld also hope that somebody actually runs Chromium / Chrome OS with a modern kernel. Even if *standard* device installs don't end up having recent kernels, I would assume there are people who are testing development setups? Linus