Received: by 2002:ab2:620c:0:b0:1ef:ffd0:ce49 with SMTP id o12csp1368271lqt; Wed, 20 Mar 2024 01:28:58 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCUmYPpNGHsv9wLgv+mCGgbjcyN0evtg8kWZHXDTLZ60j4CA2sRh6CtVdd9cJbpkqGaX6qcqWvQ+UaYKRNZ3IhQale2ArLmVcnBUhMMAMA== X-Google-Smtp-Source: AGHT+IHnSLt3DmEy0BwXiAPwl0je1VRGQ8WW2KpZjnqIINQsJPV4bTSMEVyUTC8yODObzHPhlKuP X-Received: by 2002:a05:6a00:9298:b0:6e6:9fed:d9e6 with SMTP id jw24-20020a056a00929800b006e69fedd9e6mr21982799pfb.1.1710923337803; Wed, 20 Mar 2024 01:28:57 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1710923337; cv=pass; d=google.com; s=arc-20160816; b=ZlpQ8DMi7dyrMSXZz4p4+7lHKKfUYqvwsOXg938+9VrJAVrXUsBJyaalGd90jHF6Nk ztOVVouKYCMq5UXW+GdlLFgdL2442aXj5Z1CmYRTELaY/LjZVhsk0yb6itzTuJ87DfwQ XEAeAqq28GtoQ8zOPyvjxc6P+aDohlQ7iyHrn4hmxs8Z3xUZJzz3PXhpUCbqCxYeRIyC bnMs8X2nw9qwl17OAkNY7WeoCUVKTpzHLNjlmYlhyeWELc8rZNBUeQpQQnaUmx/UJxiM lib200S/sPNrnn5vrYg1gUIdQ2ajo4X1bHvXlv5ZiaV0VWfZrpizu8aU9s8W8+iJmgRp XUSQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:references:from:subject:cc:to:message-id:date :content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:dkim-signature; bh=S77lyNTpVRaWpnGd4tybPwgfksXvf3+BfqNWHbyaLkM=; fh=y0aV+6s6yX5XuzPli+1lyFfRMAi0EXQkvuAzJTVx3/U=; b=YcBKWU0u2n4qSFopgvdVZji3MqK+OyqFERoyNpSBxtl8LGEJ2ue/sQEArUaZmatqbe NDnrLx4fFDq3OeMJYE9ywrCKAh8m0phnKqpVkluAkHMB8BUGoeXWVIF8xcqI8PfTTJXz /zNMFU/ENvAI5thDhvMv9uYPmmS+DAn76nhlGtg36RCYR3G3JlOHE0hEn48GZOGcvobO b0aJyieSxnKCC9iBG3YC+G6BzkO/CpL/uRxD/nVB/UWs1VAla4YETvdypKpEIpmocMJv 6wXfQVh4o5bzm+FT9aHsiL58R8p0sPTiFu/TrQv+tgCCggfbA77NMWJN8GtvsBWBoDis lqTQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Z+rqknd1; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-108614-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-108614-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id g7-20020a63f407000000b005cf0abea01dsi11538646pgi.114.2024.03.20.01.28.57 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 20 Mar 2024 01:28:57 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-108614-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Z+rqknd1; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-108614-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-108614-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 7C044285098 for ; Wed, 20 Mar 2024 08:28:57 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 9F10A383A5; Wed, 20 Mar 2024 08:28:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Z+rqknd1" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A77F8101E8; Wed, 20 Mar 2024 08:28:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710923324; cv=none; b=mP+rjU8eXFLkZ3PIRENSQgpk8Mmft8SPu4cTYFp3AcRdNCFEPG9/AT9dBMDqrWZSKnINDEgCQQuRFKJ1zulwBEout/J8e6q3eoLWlXUJDjDJstyy0h1PahiS2w1TcYd5Yg/bVEiVS2s96cPeBUV9l/jklPpeAAyTGCeu4z+88Qw= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710923324; c=relaxed/simple; bh=BWNgmr1UI8Ez2Yk8JxGhv2jILFoV7E237Mqwin2G1xU=; h=Mime-Version:Content-Type:Date:Message-Id:To:Cc:Subject:From: References:In-Reply-To; b=hausd+UiYuHv5zj3MO1oKJcxcj9MmB8HjeZhHTURzzK62v7C6JdVhjwTU5YAiw0KTxhLoAPcf45rfVnkFQ6GnQgwxfLbSGYAlqOxubsE7fNBchFVpJ8f431dBqzJ9jeeO4/Xy6Cr/UcovTvCOJFC/PEtmyAbEois4CoGHoquSBQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Z+rqknd1; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 49DB8C433F1; Wed, 20 Mar 2024 08:28:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1710923324; bh=BWNgmr1UI8Ez2Yk8JxGhv2jILFoV7E237Mqwin2G1xU=; h=Date:To:Cc:Subject:From:References:In-Reply-To:From; b=Z+rqknd11Xq+RxpQ3lOa2Uc20j2piizrSxUqNkCmdP1FQ39nD+481V0wtS5iKppBt dhwwp+ZhJKG90Z7IQFnHeG7lKyvY56576olFr+46vsI3SBRIE3fafp6AS7fneglF8l pEd+7SjXv8owZkIWAuebthTIB0bmCwtSGLN1itKiNkN8l8DaPkrqchOS/F8OE3nH7Q wJYYPVpRX7L/78U68unPdvDX8prEnKpuR7XXUVHzHn20sdQtl+wGK5mFrfdRLZJtto mZHoJKW9S3zezgO/5IIN2p3bK6WAyc69ODlVC/LLzP2RNdqhHxuXwaM+jMyGnpzyVI drRgIQTjnw8qA== Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 Date: Wed, 20 Mar 2024 10:28:38 +0200 Message-Id: To: "Paul Moore" , "Fan Wu" , , , , , , , , , , Cc: , , , , , , , Subject: Re: [PATCH RFC v15 12/21] security: add security_bdev_setintegrity() hook From: "Jarkko Sakkinen" X-Mailer: aerc 0.15.2 References: <1710560151-28904-13-git-send-email-wufan@linux.microsoft.com> In-Reply-To: On Wed Mar 20, 2024 at 1:00 AM EET, Paul Moore wrote: > On Mar 15, 2024 Fan Wu wrote: > >=20 > > This patch introduces a new hook to save block device's integrity > > data. For example, for dm-verity, LSMs can use this hook to save > > the roothash signature of a dm-verity into the security blob, > > and LSMs can make access decisions based on the data inside > > the signature, like the signer certificate. > >=20 > > Signed-off-by: Fan Wu > >=20 > > -- > > v1-v14: > > + Not present > >=20 > > v15: > > + Introduced > >=20 > > --- > > include/linux/lsm_hook_defs.h | 2 ++ > > include/linux/security.h | 14 ++++++++++++++ > > security/security.c | 28 ++++++++++++++++++++++++++++ > > 3 files changed, 44 insertions(+) > > I'm not sure why you made this a separate patch, help? If there is > no significant reason why this is separate, please squash it together > with patch 11/21. Off-topic: it is weird to have *RFC* patch set at v15. RFC by de-facto is something that can be safely ignored if you don't have bandwidth. 15 versions of anything that can be safely ignored is by definition spamming :-) I mean just conceptually. So does the RFC still hold or what the heck is going on with this one? Haven't followed for some time now... BR, Jarkko