Received: by 2002:a05:7412:31a9:b0:e2:908c:2ebd with SMTP id et41csp4662726rdb;
        Fri, 15 Sep 2023 08:41:04 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IGBBHVLlO96/XKaenhUr7/GMFEpObYdmyDGqblWBD9wRi3S6RawC2me52ONziK/m9QTuv/H
X-Received: by 2002:a17:902:e5ca:b0:1c1:fbec:bc3f with SMTP id u10-20020a170902e5ca00b001c1fbecbc3fmr2073314plf.5.1694792464172;
        Fri, 15 Sep 2023 08:41:04 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1694792464; cv=none;
        d=google.com; s=arc-20160816;
        b=Tt2HmIsyNUxZGncjGR6bkOVZzpToST7kGPwK67/oRmlENDsc+9DyuGX2VdPK7HRWyD
         rwQzX5FWx3q2ZyEGViuk6D/QXNWGXQEZtSVjBmuEwWs58J2tdlmo2O6/tT1fHMClPMe0
         j/q/ICrPk+OWU4cyI7lG6In+klXuCPM+2iQbEDQGRdYj/80+UFDQWM47QOMSoH5Xw1dN
         RCglRggqfdfZMxWvPGzomm2L+0dTcAoAsjxxk1fRlh8+dae/KjOQsfToDfOR7TwerwGg
         b2y98FXzom+JNH/5MHl7inRizRCjmE8ldzr69+COnExhSFULkEp009aV565XS83YksTd
         pAiA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:in-reply-to:from
         :references:cc:to:content-language:subject:user-agent:mime-version
         :date:message-id;
        bh=LtD6KMOIHByDNCaAmrbxv1WflL5SNUT0XM10oUa27PY=;
        fh=ll47VoWWVEqkkuj6V8zQm5NhVoIH3QNWSC48tgEQzCs=;
        b=uHrbqnbqyd3dCphGSA+BHZT6zgob2EpLZ2rjSJwPiGpSBx9smfCbijjfvw8HuI1ohH
         c/hZ9DnnWDlci61NVFL/UzI2uw6rEuJLhybwzTL/H2b7ifJuG3CEiN8+Gwp0JhqAtlaN
         GX4imiGDYNd5UGMAnMaNzHQE3kogSoS5I1PBOHDJSEW5UslIRsNCd4hajUKPKQRsrlPg
         r5zdpwPqZVIsDqNwsbInB1bzFHegjEL3nd0YDezq+2NTJksSB2qs0HvCDbMcjnLgGkLU
         61xoRH5j14Kn7E9fuXpCoZHhWrvXrhSDnfeDNus1B+7ijaiX99pyWpZieCPM5OQsl69O
         Ab1A==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from snail.vger.email (snail.vger.email. [23.128.96.37])
        by mx.google.com with ESMTPS id y2-20020a17090264c200b001bb7b0d358bsi3498184pli.272.2023.09.15.08.41.03
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 15 Sep 2023 08:41:04 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) client-ip=23.128.96.37;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by snail.vger.email (Postfix) with ESMTP id 08E1B8327F81;
	Fri, 15 Sep 2023 04:33:21 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S234331AbjIOLdQ (ORCPT <rfc822;benlin170369@gmail.com>
        + 99 others); Fri, 15 Sep 2023 07:33:16 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44346 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S233695AbjIOLdP (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 15 Sep 2023 07:33:15 -0400
Received: from www262.sakura.ne.jp (www262.sakura.ne.jp [202.181.97.72])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 44574CC6;
        Fri, 15 Sep 2023 04:33:10 -0700 (PDT)
Received: from fsav314.sakura.ne.jp (fsav314.sakura.ne.jp [153.120.85.145])
        by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTP id 38FBWXI2019756;
        Fri, 15 Sep 2023 20:32:33 +0900 (JST)
        (envelope-from penguin-kernel@I-love.SAKURA.ne.jp)
Received: from www262.sakura.ne.jp (202.181.97.72)
 by fsav314.sakura.ne.jp (F-Secure/fsigk_smtp/550/fsav314.sakura.ne.jp);
 Fri, 15 Sep 2023 20:32:33 +0900 (JST)
X-Virus-Status: clean(F-Secure/fsigk_smtp/550/fsav314.sakura.ne.jp)
Received: from [192.168.1.6] (M106072142033.v4.enabler.ne.jp [106.72.142.33])
        (authenticated bits=0)
        by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTPSA id 38FBWW8A019752
        (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NO);
        Fri, 15 Sep 2023 20:32:32 +0900 (JST)
        (envelope-from penguin-kernel@I-love.SAKURA.ne.jp)
Message-ID: <1f5e725d-58b6-eca2-97dc-d7c1209ff167@I-love.SAKURA.ne.jp>
Date:   Fri, 15 Sep 2023 20:32:32 +0900
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101
 Thunderbird/102.15.1
Subject: Re: [PATCH v15 01/11] LSM: Identify modules by more than name
Content-Language: en-US
To:     Casey Schaufler <casey@schaufler-ca.com>, paul@paul-moore.com,
        linux-security-module@vger.kernel.org
Cc:     jmorris@namei.org, serge@hallyn.com, keescook@chromium.org,
        john.johansen@canonical.com, stephen.smalley.work@gmail.com,
        linux-kernel@vger.kernel.org, linux-api@vger.kernel.org,
        mic@digikod.net
References: <20230912205658.3432-1-casey@schaufler-ca.com>
 <20230912205658.3432-2-casey@schaufler-ca.com>
From:   Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
In-Reply-To: <20230912205658.3432-2-casey@schaufler-ca.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=-3.4 required=5.0 tests=BAYES_00,NICE_REPLY_A,
        RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_NONE autolearn=unavailable
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Fri, 15 Sep 2023 04:33:21 -0700 (PDT)

On 2023/09/13 5:56, Casey Schaufler wrote:
> Create a struct lsm_id to contain identifying information about Linux
> Security Modules (LSMs). At inception this contains the name of the
> module and an identifier associated with the security module.  Change
> the security_add_hooks() interface to use this structure.  Change the
> individual modules to maintain their own struct lsm_id and pass it to
> security_add_hooks().
> 
> The values are for LSM identifiers are defined in a new UAPI
> header file linux/lsm.h. Each existing LSM has been updated to
> include it's LSMID in the lsm_id.
> 
> The LSM ID values are sequential, with the oldest module
> LSM_ID_CAPABILITY being the lowest value and the existing modules
> numbered in the order they were included in the main line kernel.
> This is an arbitrary convention for assigning the values, but
> none better presents itself. The value 0 is defined as being invalid.
> The values 1-99 are reserved for any special case uses which may
> arise in the future. This may include attributes of the LSM
> infrastructure itself, possibly related to namespacing or network
> attribute management. A special range is identified for such attributes
> to help reduce confusion for developers unfamiliar with LSMs.
> 
> LSM attribute values are defined for the attributes presented by
> modules that are available today. As with the LSM IDs, The value 0
> is defined as being invalid. The values 1-99 are reserved for any
> special case uses which may arise in the future.
> 
> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
> Cc: linux-security-module <linux-security-module@vger.kernel.org>
> Reviewed-by: Kees Cook <keescook@chromium.org>
> Reviewed-by: Serge Hallyn <serge@hallyn.com>
> Reviewed-by: Mickael Salaun <mic@digikod.net>
> Reviewed-by: John Johansen <john.johansen@canonical.com>

Nacked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>

https://lkml.kernel.org/r/4a6b6e2c-9872-4d4c-e42e-4ff0fb79f3ae@I-love.SAKURA.ne.jp