Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp1121503ybt; Sun, 14 Jun 2020 11:07:53 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxVtWVueWC2BbIBwCXu6DRoJi0yUlYOP237UjPdFqXeXGUVVmwLMF+VDIg1H6e2Ty5+ayq4 X-Received: by 2002:a17:906:f1cf:: with SMTP id gx15mr21688424ejb.207.1592158072966; Sun, 14 Jun 2020 11:07:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1592158072; cv=none; d=google.com; s=arc-20160816; b=K+292h2LiuAMsME7jMJntPzur4voAOL5THvmNPUuwUu1u2P5UDuKUaCUkSnpl2wItE mcIbTwTyjPnzZ8hmwn5ip3C/GnfJ56Kq5SiN4HKsbU5quSd+gbeVi9qFfYqnQqQJmJvS LFYgR7+6JoUgRLG83nbhqAIMExth6obCKADOAHtK9nNYF+JZPQvmmV7w6zd6a2VausnA QeQ1etrupYZG1SkaM/7hNf6aBqdxe6oirJLPysDPgE4t/sZGuT4cK52Ai0AY+qvuEKLM feulGX+eJlU1A1vnowZ2RLqHQHYfikyvJSUWCI3O7zfgUcXy0xlJRioA/+B2kYaH3+EN WQ6w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=JIDHezerTgnL7GKr3m2iwi84CeS+iRS083MytP4Y2ng=; b=0+xG4sVj57XjAGMHhlTMM/qd0ezqMTF4dcppp2xY+8Gccw85rGvbWNhLpiCvw9FJNZ LN8jN6Nml8eZg8N/EhRR5twZ7HEPTE0VC+0FEo0YFk5EhwSoZrlH7ygT6x4yWpTF/VIw 9V8XsydGYilAV2+nLVPyi5q+XH19ZEAbJO9Jr+izcLoXlxnzhTxb2yTlGPbcfGajGFRv 8Me9+HO1mctTCi60rUGChQqhaYUF5GKo+6DvlpCKZjLO9rXqeol6X2uwXJvKnDHU8hYx 21RsxJLVS8nZ8nxipXEwtCGY8m9YaNKlGDaK9ppP6EaMcMwj0Vn0SW2d89Xqbn6PXk0e aCcg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b="DRIIJe/5"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id dm20si7236562edb.457.2020.06.14.11.07.04; Sun, 14 Jun 2020 11:07:52 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b="DRIIJe/5"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726905AbgFNSEN (ORCPT + 99 others); Sun, 14 Jun 2020 14:04:13 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47656 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726513AbgFNSEL (ORCPT ); Sun, 14 Jun 2020 14:04:11 -0400 Received: from mail-ej1-x643.google.com (mail-ej1-x643.google.com [IPv6:2a00:1450:4864:20::643]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4CF0CC05BD43 for ; Sun, 14 Jun 2020 11:04:10 -0700 (PDT) Received: by mail-ej1-x643.google.com with SMTP id n24so15047009ejd.0 for ; Sun, 14 Jun 2020 11:04:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=JIDHezerTgnL7GKr3m2iwi84CeS+iRS083MytP4Y2ng=; b=DRIIJe/5ZgOSSlM4TfHCBt9MFGwrDs7/9v9LqnO6gj/8EgG2QoDbv/MIuBAanE6F3t CPW2l6QinshfB3h2r4AmZDck48INalnQhwQonzVNyyJyMLWDL8eoZZQpUBlgLmTBQ/0O FqeUK+ySBJOXrkLCIzPVo9r0+D1OZUV3o61nw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=JIDHezerTgnL7GKr3m2iwi84CeS+iRS083MytP4Y2ng=; b=WcZKFmhPnDYPVqktksCXldjIRN2bIKUYrhYgfsSzTbeb2nGTFx2HeCwy3ly6ybdL/S HAYSQA3tlHv6oVEvWJWnv7UBWztz9P+5VtRY5tDAGiFD3icH4mpj7lFPYx7PJCmfxYYC y8lHi712kKqk0yUAFj/SOFMDzrT5u7BnhGOOGXaaOk0IJxp7N5Jm0lW31B+RcBXk5V8g icRu/rgMRjeYocxnOQxg/7fwDxoSGN9xOe4PAEGeGebWfp2pT+MWM7F5ZJ07sKnuCrfq NHQDT0URwN8v7BK9uNDgDVl0OQUq4vcloGryOvnlaz6R+egHQZ2TNd0l2kItHTobSaPM TE4w== X-Gm-Message-State: AOAM530NLk/q6UyzQD76jqZDy9FNuPaDHhSgjRinLS4sUivN6FM/EGeD towSvHLKP1FFG6muXgmRebpqQhnGLDNgs27Ng1GeJttjtko= X-Received: by 2002:a17:906:2c5b:: with SMTP id f27mr23397357ejh.413.1592157848942; Sun, 14 Jun 2020 11:04:08 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Micah Morton Date: Sun, 14 Jun 2020 11:03:58 -0700 Message-ID: Subject: Re: [GIT PULL] SafeSetID LSM changes for v5.8 To: Linus Torvalds Cc: Linux Kernel Mailing List , linux-security-module Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org I amended the author on the lone commit in this pull request. For some reason I was thinking using the "From:" line in the commit body was how I should make things show up as Thomas as the author and me as the committer, but looks like that=E2=80=99s not true. I also removed my own Signed-off-by line from the pull request body and included it in the commit instead of the Reviewed-by line. Thanks, Micah The following changes since commit 3d77e6a8804abcc0504c904bd6e5cdf3a5cf8162= : Linux 5.7 (2020-05-31 16:49:15 -0700) are available in the Git repository at: https://github.com/micah-morton/linux.git tags/LSM-add-setgid-hook-5.8-author-fix for you to fetch changes up to 39030e1351aa1aa7443bb2da24426573077c83da: security: Add LSM hooks to set*gid syscalls (2020-06-14 10:52:02 -0700) ---------------------------------------------------------------- Add additional LSM hooks for SafeSetID SafeSetID is capable of making allow/deny decisions for set*uid calls on a system, and we want to add similar functionality for set*gid calls. The work to do that is not yet complete, so probably won't make it in for v5.8, but we are looking to get this simple patch in for v5.8 since we have it ready. We are planning on the rest of the work for extending the SafeSetID LSM being merged during the v5.9 merge window. This patch was sent to the security mailing list and there were no objectio= ns. ---------------------------------------------------------------- Thomas Cedeno (1): security: Add LSM hooks to set*gid syscalls include/linux/lsm_hook_defs.h | 2 ++ include/linux/lsm_hooks.h | 9 +++++++++ include/linux/security.h | 9 +++++++++ kernel/sys.c | 15 ++++++++++++++- security/security.c | 6 ++++++ 5 files changed, 40 insertions(+), 1 deletion(-) On Fri, Jun 12, 2020 at 2:23 PM Linus Torvalds wrote: > > Finally emptied my normal pull request queue and starting to look at > things I wanted to look at more closely.. > > On Tue, Jun 9, 2020 at 11:26 AM Micah Morton wrote= : > > > > This patch was sent to the security mailing list and there were no obje= ctions. > > That patch as committed has both the wrong authorship, and the wrong > sign-off chain. > > Not pulling. > > Linus