Received: by 2002:ab2:1149:0:b0:1f3:1f8c:d0c6 with SMTP id z9csp188467lqz; Fri, 29 Mar 2024 12:56:54 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCWXcGNUvFjoP45S6zM+C3Q4sN2Up4Y3kVbgwLBrxDg5Ny9oc3fwInJvWyQ2IUDiIzpwARqo8NggxGcyerDTPgPtc25IOWSrRyIHS4pyjA== X-Google-Smtp-Source: AGHT+IEn1ZNUON+NrZ5ho2NMu/zHSXlhzxd6SqyXITJUgCD6nAtCd4Xsg6Lzp5F0wEilKYJHoqoP X-Received: by 2002:a50:c312:0:b0:568:c608:8058 with SMTP id a18-20020a50c312000000b00568c6088058mr1889877edb.17.1711742214148; Fri, 29 Mar 2024 12:56:54 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1711742214; cv=pass; d=google.com; s=arc-20160816; b=Q4d84A8SFOTiIeNKFfvaPRh0PYr5W1A4tk1BEI8ZkDHnZ91HK23gDMDcngN1FLh+lP 0xAh9PD/iligQb+DsMlKHmf6+AH/oR4hyRIzfQMrNIo7LMciaOQZQlRGLOEpBT7bt3oh myVqOOYEdgPEr01TfyvqiMVUWvnGirIZzZSECVZiVQcmKcCqwKXLtTo9fzswZcvN2fcn FZjGWDGXQ4rNge8T6ICpBeQrt1APZGqrSZEQseeQYZOKzKF8pdB+L9i3ZvZNKpEcm55B NWIluUDPmi87OAC18uh+U3BINbbogcixiPx0hk9+oDl33ifqyIHZiqZWfeu8f3bi0jrk m2Eg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:list-unsubscribe:list-subscribe :list-id:precedence:dkim-signature; bh=F6A9jbG9CdaDPP1v6fWuwcIQF8qoPPnl16dGzz2qlT0=; fh=NjgdN5xvpD7pMv+Zq64MVpNRT9FQTN0faKTDS2x6r5Q=; b=yQsG5GTwiYuN0waZjrq1BxcdLxUYqoEOHAIWqtKN5yTs2AN6EWr3gmGapuPB73MZ+n FUoi9lzgq+vvTggsb/FzGBEHHPM+X3hFdf7Noerr1N18LZsOfEpTWY6nVxvKuRGhGG+o Lq5PKoSGtdS/xu7AJU35W3WYwAA3qY8gURCNgilyjRo0/KbBBs4hLV6A4OVYO/nzIrNB WAwu0UNWgo2l/aLd1zCOxDw7HqGJkg70Tj0r5oGsVLdjsu4U9MfrER4fFueIYi9oY/5s dNFK1pRq88Zc+si8nrxm7YmwmKaPeH7EQWX6+7mTXcaFSsQOTz6LMRqXxuIrSBMQ4uYr aumg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@paul-moore.com header.s=google header.b=CBUkVwZr; arc=pass (i=1 spf=pass spfdomain=paul-moore.com dkim=pass dkdomain=paul-moore.com dmarc=pass fromdomain=paul-moore.com); spf=pass (google.com: domain of linux-kernel+bounces-125370-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-125370-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=paul-moore.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id z98-20020a509e6b000000b0056c420c4058si2020406ede.665.2024.03.29.12.56.54 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 29 Mar 2024 12:56:54 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-125370-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@paul-moore.com header.s=google header.b=CBUkVwZr; arc=pass (i=1 spf=pass spfdomain=paul-moore.com dkim=pass dkdomain=paul-moore.com dmarc=pass fromdomain=paul-moore.com); spf=pass (google.com: domain of linux-kernel+bounces-125370-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-125370-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=paul-moore.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id D75AE1F21890 for ; Fri, 29 Mar 2024 19:56:53 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id C77BC13AD0E; Fri, 29 Mar 2024 19:56:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=paul-moore.com header.i=@paul-moore.com header.b="CBUkVwZr" Received: from mail-yw1-f176.google.com (mail-yw1-f176.google.com [209.85.128.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9AB8912FB12 for ; Fri, 29 Mar 2024 19:56:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.176 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711742203; cv=none; b=TYbZvwyO8Wtdd9O45mE2X4LMfUbzgseHG7sWLNk7AjyYzDqqbLZhwFJGS5qnzpKWzJecNDCI/ITl8ftAohdpPhfzEer3WN4Pybum5Hzuyv4U6gXQNmNEh4OqsNje4ePKci74ZKtmk5Ya4mxHW1Du3rcG5/7ahnjBZBWk5PjyO9Q= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711742203; c=relaxed/simple; bh=kl3r4t6JEKPhRbXJ7T+YhSza5u8zPgVfF6ukpjkWUEs=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=aFST2pm7ldI1Y9d6lrn8DJBJWfAdWephKsbJyqb1MdqHEKZFImARIGBqwg8ekK0v76s0swj73F6oqGzaa8cc5ORvDKI+FnxsIUoUqH32QN/VMTUPS4mn66v/dZpIanzYzpJR4z7DP3nxwYw3yDKKUvXJEB+9DfKGSuRiovM/DKw= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=paul-moore.com; spf=pass smtp.mailfrom=paul-moore.com; dkim=pass (2048-bit key) header.d=paul-moore.com header.i=@paul-moore.com header.b=CBUkVwZr; arc=none smtp.client-ip=209.85.128.176 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=paul-moore.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=paul-moore.com Received: by mail-yw1-f176.google.com with SMTP id 00721157ae682-60a0a1bd04eso25811927b3.1 for ; Fri, 29 Mar 2024 12:56:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paul-moore.com; s=google; t=1711742199; x=1712346999; darn=vger.kernel.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=F6A9jbG9CdaDPP1v6fWuwcIQF8qoPPnl16dGzz2qlT0=; b=CBUkVwZr6fDdpu1CS2Uchp+UMiOJJcC/5ubPJMrFby2ed8H/XnyFZX6xxLglV1czkg jFjntZNznVWUaqtNtoysFOUSv9fdkCv/c8qbMJE3ZDaHsq6bcs4zoWAkoHy9ueZYC+/U 8IOkRJhBh1jpe5TAhnmnY6ROVaMK/0gJI4Q0Hb67GGwE8HUJxdCcQ8HkURjV20ZZ/B62 CjDtw0YOQ/2z/R8VUhGf4XJ0REDeKDy11otkkCBXauFEf0MytH0KsL0G+MdbKF1xxh6K vSC5m1bC2bPGo7inX9ggy6BxfA8jsn25P8erH6YKdXs1sO4s/7m2XjuxqEyQ7W/rqj2p xL7A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1711742199; x=1712346999; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=F6A9jbG9CdaDPP1v6fWuwcIQF8qoPPnl16dGzz2qlT0=; b=tYB2fdi4W8rtXdYF3gtvwy5QnXPO65NaiAvXSZOZHAsaDsraX7Ro+Oo/r08MD3jdmz GJ0rnpd7b1bRqQJ391mp1DFhbu1ExxLdUk2y5JB68+07jLUhQSRsitlheOOxb9Ny/X3t 0nsdAK7UTCqdYYFfzBWKWxH1yof6Ng9TLZkMHeZcNZOjWvvDU5wJmBIiVPrisStJJ9A/ HTI0YsNgi5YxrbqdfDxyzTH4pwrmoeGTbsi6+5MhftaLVeq+lw5Mzz3JjZKb+SGLVtWX OfZhljEzhigaIoQH17Z8HUJKwzaLq+jajtbVu4aF+EF5ECzlgDxOuwMfSsCyvSpJG0rW mI6A== X-Forwarded-Encrypted: i=1; AJvYcCW7SY8vDFd9/fxCQqHiq7R8t/xYi0yCQKiznFtjQTH8Ok+KGU+Z1lfGvHubbtNl25jO2taKCEhUB3+ujRQ3Fq2NW0pQ3i3g6rL5TIiR X-Gm-Message-State: AOJu0YwKiuvKkKBY+SGwHDNhDXFXP/XSe0hee1bLKvHMPedW82FyMaTw DyMbmuzt+3HJQXLF5vYL63YVgnCKhzLg5WwcehqXNyNN2Gnnrfja2fSQCSO4tlxxjcODQ5KNPbJ QwdbyLoWqP+Apc8SlvKLDMvOTfdYdCvBauKuy X-Received: by 2002:a81:494b:0:b0:60c:bdb0:cd28 with SMTP id w72-20020a81494b000000b0060cbdb0cd28mr3336888ywa.6.1711742199706; Fri, 29 Mar 2024 12:56:39 -0700 (PDT) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <20240329105609.1566309-1-roberto.sassu@huaweicloud.com> <20240329105609.1566309-2-roberto.sassu@huaweicloud.com> <1fe6813db395563be658a9b557931cf4db949100.camel@linux.ibm.com> In-Reply-To: <1fe6813db395563be658a9b557931cf4db949100.camel@linux.ibm.com> From: Paul Moore Date: Fri, 29 Mar 2024 15:56:28 -0400 Message-ID: Subject: Re: [PATCH 2/2] ima: evm: Rename *_post_path_mknod() to *_path_post_mknod() To: Mimi Zohar Cc: Roberto Sassu , dmitry.kasatkin@gmail.com, eric.snowberg@oracle.com, jmorris@namei.org, serge@hallyn.com, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-cifs@vger.kernel.org, viro@zeniv.linux.org.uk, pc@manguebit.com, christian@brauner.io, Roberto Sassu , stable@vger.kernel.org, Sasha Levin , Greg KH Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Fri, Mar 29, 2024 at 3:28=E2=80=AFPM Mimi Zohar wr= ote: > On Fri, 2024-03-29 at 15:12 -0400, Paul Moore wrote: > > Another important thing to keep in mind about 'Fixes' tags, unless > > you've told the stable kernel folks to only take patches that you've > > explicitly marked for stable, they are likely going to attempt to > > backport anything with a 'Fixes' tag. > > How do we go about doing that? Do we just send an email to stable? When I asked for a change to the stable policy, it was an email exchange with Greg where we setup what is essentially a shell glob to filter out the files to skip unless explicitly tagged: https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tre= e/ignore_list > Is it disabled for security? I asked for it to be disabled for the LSM layer, SELinux, and audit. I sent a note about it last year to the mailing list: https://lore.kernel.org/linux-security-module/CAHC9VhQgzshziG2tvaQMd9jchAVM= u39M4Ym9RCComgbXj+WF0Q@mail.gmail.com > I thought new functionality won't be backported. One thing I noticed fairly consistently in the trees I maintained is that commits marked with a 'Fixes' tag were generally backported regardless of if they were marked for stable. > Hopefully the changes for making IMA & EVM full fledged LSMs won't be > automatically backported to stable. I haven't seen that happening, and I wouldn't expect it in the future as none of those patches were explicitly marked for stable or had a 'Fixes' tag. -- paul-moore.com