Received: by 2002:a05:7412:2a8a:b0:fc:a2b0:25d7 with SMTP id u10csp350129rdh;
        Wed, 7 Feb 2024 06:42:04 -0800 (PST)
X-Forwarded-Encrypted: i=3; AJvYcCUf3BEJzKBQpef0cRTYHEFsWDZ59ckeedYHEovYryZwrqBswHbdEYCuMO4STKeKWQ2ySpyezDarXrSBmejWkLaKrb3o8BCtqPoHEWm88A==
X-Google-Smtp-Source: AGHT+IF9u62wcs2Uzxu3Ed4d/j0GVsstnK7VxmLa7Sg1UPrmjfFddE13W/2+8eTYLkl0CQwsXZmj
X-Received: by 2002:a17:902:7484:b0:1d8:b6c8:d9e0 with SMTP id h4-20020a170902748400b001d8b6c8d9e0mr4509080pll.68.1707316924487;
        Wed, 07 Feb 2024 06:42:04 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1707316924; cv=pass;
        d=google.com; s=arc-20160816;
        b=TzaX5zs/4tj07jmPMJrfyC7+sqmM9h+naKNhYIqvAdZS3D2NitYCLU/EOnjekFsczi
         jqLqrV9y6Bmywhw83jQkwAND+cqlzxG7L8mUuYULDqfiLJcRVEs1zwZFcrN59qrPk7t+
         RoJum0fSVZD7nrag+tKVIwJhwEPdnFN0gjRFXPkNQ2Q02ZoXIt0/wTpXxgo5MZ1BdSOG
         NXBqc/BLJYgNmuor/sFoiwZ0yi6sFLXuiu5sGizseEIoO9uBK8wYkeCuZ1daQfc0vbmC
         T+I0nsy2/Y4yL8508iu445JT7k+ii8herjBVosJMl4KkCKuV1nmAu4fQNKDInRaSYqUE
         592A==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:in-reply-to:from:references:cc:to
         :content-language:subject:user-agent:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:date:message-id;
        bh=TC46R2oigTVJqbq/qpMRrfKOnasBA24N1uFUcbzs7lg=;
        fh=T5czeiSJVyCUm+Sffj7u/P5XHgL7KUsKgIsZzgdIpQI=;
        b=gUtGMTM6EKF9fBGkbSa/sgGbFaJAf3O4vPdxz7fbkx465EtTc28c/xkw5hdY9WAjyc
         +gMMVc6sTgsmbgHCS1E7BEF/Yok5FVGP7n51PMYdOho7QSxzIuZEGDZdj8zueStvO3UF
         SVG7pvhDoul9EqLx+01LWYoKDPwwD1mDz1U1SVPKuijiRA+ZLa9FpLpYdt7HihG5InC9
         Hb4r0KO/lO47NXSUA2lgo9uSe/GIq6XmXeYCBlnoBpV/mg8vdC729oP0otlJPVEnGiMe
         swJ1ICh1HNWAHVQSjtaiO7ftEK1HSHbdXB2nndheqNN4UNSqt4eFCdZQRgBdqTSBTdm8
         Gmkg==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       arc=pass (i=1 spf=pass spfdomain=i-love.sakura.ne.jp);
       spf=pass (google.com: domain of linux-kernel+bounces-56635-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-56635-linux.lists.archive=gmail.com@vger.kernel.org"
X-Forwarded-Encrypted: i=2; AJvYcCW0vxnmDcfAFu7M1Sxo4mmALirZRNRgi1DGcAic+ZEezuCn6LnU2ZssbFmFqZCfd6yaKDZbfqCfb19pbNNFxeLiNfEXkGOThIJun/lebQ==
Return-Path: <linux-kernel+bounces-56635-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1])
        by mx.google.com with ESMTPS id q16-20020a170902dad000b001d9efc7c6ddsi1571923plx.26.2024.02.07.06.42.04
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 07 Feb 2024 06:42:04 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-56635-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1;
Authentication-Results: mx.google.com;
       arc=pass (i=1 spf=pass spfdomain=i-love.sakura.ne.jp);
       spf=pass (google.com: domain of linux-kernel+bounces-56635-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-56635-linux.lists.archive=gmail.com@vger.kernel.org"
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by sv.mirrors.kernel.org (Postfix) with ESMTPS id 2728F281DF4
	for <linux.lists.archive@gmail.com>; Wed,  7 Feb 2024 14:42:04 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id 7E3907E779;
	Wed,  7 Feb 2024 14:41:52 +0000 (UTC)
Received: from www262.sakura.ne.jp (www262.sakura.ne.jp [202.181.97.72])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id DAA982561C;
	Wed,  7 Feb 2024 14:41:48 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=202.181.97.72
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1707316912; cv=none; b=uLWtuMuZY4Sit98VoUj5GovDCmquVqjfSq64EsnCcgQ5Tw8JziSgfamwMwv5MXzLsEzif41VMGm3HUSW3v7bPX3DUHawgfi4y9WdikJr7CZqRFgOxmijl6ZzPyFEO9e0vF4lso2LlTJY5tlLuzQHLRs5ob7KFtdx/ViDAP+D4r4=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1707316912; c=relaxed/simple;
	bh=ht5EjXVnhtYPjjYf7qPGVv/MLquyBdgjIj/mEaw7S6M=;
	h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From:
	 In-Reply-To:Content-Type; b=C1HphomtqUimjIosROa+6SFmtdCYWipy1sU9egpsI6VDmbHmPztz6uC0Fdrw43xwak7QVRFDMgJCRYJtGXc6qJEKNKoiIhz8A0s1ehzsWeov24Yu29LCmCiGJIrgofKPf+Nv4MugCBvJI21FUK0AzxKxorucz5IR0XHFfqLSO+s=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=I-love.SAKURA.ne.jp; spf=pass smtp.mailfrom=I-love.SAKURA.ne.jp; arc=none smtp.client-ip=202.181.97.72
Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=I-love.SAKURA.ne.jp
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=I-love.SAKURA.ne.jp
Received: from fsav414.sakura.ne.jp (fsav414.sakura.ne.jp [133.242.250.113])
	by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTP id 417Ef573028669;
	Wed, 7 Feb 2024 23:41:05 +0900 (JST)
	(envelope-from penguin-kernel@I-love.SAKURA.ne.jp)
Received: from www262.sakura.ne.jp (202.181.97.72)
 by fsav414.sakura.ne.jp (F-Secure/fsigk_smtp/550/fsav414.sakura.ne.jp);
 Wed, 07 Feb 2024 23:41:05 +0900 (JST)
X-Virus-Status: clean(F-Secure/fsigk_smtp/550/fsav414.sakura.ne.jp)
Received: from [192.168.1.6] (M106072142033.v4.enabler.ne.jp [106.72.142.33])
	(authenticated bits=0)
	by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTPSA id 417Ef5NY028664
	(version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NO);
	Wed, 7 Feb 2024 23:41:05 +0900 (JST)
	(envelope-from penguin-kernel@I-love.SAKURA.ne.jp)
Message-ID: <38e6e589-23f9-4dfd-8588-9e0d13500dfc@I-love.SAKURA.ne.jp>
Date: Wed, 7 Feb 2024 23:41:01 +0900
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: [PATCH v2 1/3] LSM: add security_execve_abort() hook
Content-Language: en-US
To: Kees Cook <keescook@chromium.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
        Eric Biederman <ebiederm@xmission.com>,
        Alexander Viro <viro@zeniv.linux.org.uk>,
        Christian Brauner <brauner@kernel.org>, Jan Kara <jack@suse.cz>,
        Paul Moore <paul@paul-moore.com>, James Morris <jmorris@namei.org>,
        "Serge E. Hallyn" <serge@hallyn.com>,
        linux-security-module <linux-security-module@vger.kernel.org>,
        linux-fsdevel <linux-fsdevel@vger.kernel.org>,
        LKML <linux-kernel@vger.kernel.org>
References: <8fafb8e1-b6be-4d08-945f-b464e3a396c8@I-love.SAKURA.ne.jp>
 <999a4733-c554-43ca-a6e9-998c939fbeb8@I-love.SAKURA.ne.jp>
 <202402070622.D2DCD9C4@keescook>
From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
In-Reply-To: <202402070622.D2DCD9C4@keescook>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

On 2024/02/07 23:24, Kees Cook wrote:
> This looks good to me.
> 
> Given this touches execve and is related to the recent execve changes,
> shall I carry this in the execve tree for testing and send a PR to Linus
> for it before v6.8 releases?

Yes, please do so. (My git tree is currently down.)

> 
> There's already an Ack from Serge, so this seems a reasonable way to go
> unless Paul would like it done some other way?
> 
> Reviewed-by: Kees Cook <keescook@chromium.org>
> 

Thank you.