Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp1650889pxb;
        Thu, 4 Mar 2021 17:34:10 -0800 (PST)
X-Google-Smtp-Source: ABdhPJx7NnYEbuLWJmeLPiA4dOl5Ob2OvHnvWXvll8uO51f2j1/+8O1toUDnSB8Bi5TU6tv/ZedI
X-Received: by 2002:a05:6402:1d39:: with SMTP id dh25mr7297749edb.282.1614908050428;
        Thu, 04 Mar 2021 17:34:10 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1614908050; cv=none;
        d=google.com; s=arc-20160816;
        b=SuhdvPDdDCJNr7KCeDOT18Yni3z8xMpryqSFy2/1qjmSqZyEYDjmSyxwnm4y5bSEbg
         afHhcuWIYngCZWvnFEZ3Y5yXIjxhugKWagiPyIek9HR5olEjQBSLOZRDUXw31IZBUsQ4
         kB+tAOmiKpYjHdzyR5MAK0SUhCY/nd1kUjsPHDzO5SqkOvP8cFmtO9MREqwu7041exyB
         r7xELn2Qa0FfnWNJVnwo4wXStodS4f3yPRkQ6N2g+LvFdTC7PHizTvii6aBZseMEHmqC
         PO5pMWkMObHpJ5mO/Kr8rQHwkLsni+tX2cbisVOjvRWHfzh0gIwNZTvNQvlwBXE/4B/x
         RrJA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to
         :references:mime-version:dkim-signature;
        bh=80N8FTktWaHp8/7shNAGY0Bb2p2RGTW77BNazisTaqc=;
        b=qhKvGtUYcOWfRFNTwjFojf04cVOmhzi0ryB0uS94m1LITf+G6wFbDa19Kusud0hfSs
         tZTPcjpekKMP8ckov1xB4HZKIQvv5gW/AakcC+dh5ufFkv+KniHUunXgTPLbpRCRnX7A
         RLYxXPUN3Zw3vmPVHzWdbIGrWwpzNLr0zvv5wJdlLUhAacZ8bL52HqvuMwsfsfvtozZd
         rX275T2Vg1/Batn/C4tytNcgvZiyCQODARre/fK9bVbrcig1qqdvAtrzDrmDl8sBkrXu
         /G5wCVOipeSGAsAApbr/b5qDrBcNb71nQzfCMDyXCui7f/FQhADQnIPeqQTTccBwDVzG
         eJsg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=kwO3ZbQJ;
       spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org
Return-Path: <linux-nfs-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id h19si494340ejg.578.2021.03.04.17.33.36;
        Thu, 04 Mar 2021 17:34:10 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=kwO3ZbQJ;
       spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229687AbhCEBcQ (ORCPT <rfc822;prasannabanumathi@gmail.com>
        + 99 others); Thu, 4 Mar 2021 20:32:16 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37248 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229475AbhCEBcP (ORCPT
        <rfc822;linux-nfs@vger.kernel.org>); Thu, 4 Mar 2021 20:32:15 -0500
Received: from mail-ej1-x62f.google.com (mail-ej1-x62f.google.com [IPv6:2a00:1450:4864:20::62f])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 557F8C06175F
        for <linux-nfs@vger.kernel.org>; Thu,  4 Mar 2021 17:32:15 -0800 (PST)
Received: by mail-ej1-x62f.google.com with SMTP id c10so339226ejx.9
        for <linux-nfs@vger.kernel.org>; Thu, 04 Mar 2021 17:32:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=paul-moore-com.20150623.gappssmtp.com; s=20150623;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=80N8FTktWaHp8/7shNAGY0Bb2p2RGTW77BNazisTaqc=;
        b=kwO3ZbQJvmoyZEcCsnZ+O5lefcSrFp4+zNeyaTxwbMuTmfsqLF3Zl3diE3rtVg3Nf5
         XWXIutDh7iwVsvz7hM2SbHDz75L4k1hdS7zjWDfGrEGtSQIalEqcvAeA+6ZMUMeIj4pe
         CMcbLw1BJUAAT79MYajlSgDqsgLNlVf56KvxaVcF6odqfB14mHAKqbBmKjnjbgbNRFkV
         /5bGDWxr9WX5/onrBYptac6azV0Lcs/AChdKXyW5sv+uplHNQIj1kdeUTSi0JzenFZwl
         FovvuSszpmZUmsiCuYj6WrEaKmUvmLlJhO0txFw323fvX3ZlpQ35xFNA7tudurvk0PjE
         Gwew==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=80N8FTktWaHp8/7shNAGY0Bb2p2RGTW77BNazisTaqc=;
        b=gEOFP/7xBi5g0N1AIylii49nNCSp3RnL0nE5QNz82fijuKfP2jzl9SgDYRmQKFaA35
         7vEvkWyfoUYCuz9BV9biyKDXvwojZByAaxp8J5Xg7+IKoeG+C3Ea8CGehgtICf1UbQOh
         XFP4D4Su307aVZare6kDhgFUVHoSydReK2RJjeSe/6RRPVLSseID7tt5+t5+8bqusAjd
         h8dRUdrHw1LEANswDHCgdTqrymehb9sUw8UHmYFrsfaIXEwH1hXW/biLapo7U7vzrmbc
         dGee8OEXhB8LJd4s2KrZqKA8uU6sIlNVnXTqkgKJpm8ACq8thCiFj5PRJHtyhO3rHCC+
         YhAw==
X-Gm-Message-State: AOAM532oWekuwYz90w256q6N3ft4IXnTH7J19rMOEaEp6rci2EFn99vS
        F4ELeRTIX4zJc4O2eUC7MtTBDsCP3U8yKydJZrXQ
X-Received: by 2002:a17:906:3b84:: with SMTP id u4mr227254ejf.431.1614907933967;
 Thu, 04 Mar 2021 17:32:13 -0800 (PST)
MIME-Version: 1.0
References: <CAN-5tyGuV-gs0KzVbKSj42ZMx553zy9wOfVb1SoHoE-WCoN1_w@mail.gmail.com>
 <20210227033755.24460-1-olga.kornievskaia@gmail.com> <CAFX2Jfk--KwkAss1gqTPnQt-bKvUUapNdHbuicu=m+jOtjrMyQ@mail.gmail.com>
 <f8f5323c-cdfd-92e8-b359-43caaf9d7490@schaufler-ca.com>
In-Reply-To: <f8f5323c-cdfd-92e8-b359-43caaf9d7490@schaufler-ca.com>
From:   Paul Moore <paul@paul-moore.com>
Date:   Thu, 4 Mar 2021 20:32:02 -0500
Message-ID: <CAHC9VhR=+uwN8U17JhYWKcXSc9=ExCrG4O9-y+DPJg6xZ=WoYA@mail.gmail.com>
Subject: Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an
 existing mount
To:     Casey Schaufler <casey@schaufler-ca.com>,
        Anna Schumaker <anna.schumaker@netapp.com>
Cc:     Olga Kornievskaia <olga.kornievskaia@gmail.com>,
        Trond Myklebust <trond.myklebust@hammerspace.com>,
        Linux NFS Mailing List <linux-nfs@vger.kernel.org>,
        linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
Precedence: bulk
List-ID: <linux-nfs.vger.kernel.org>
X-Mailing-List: linux-nfs@vger.kernel.org

On Tue, Mar 2, 2021 at 10:53 PM Casey Schaufler <casey@schaufler-ca.com> wrote:
> On 3/2/2021 10:20 AM, Anna Schumaker wrote:
> > Hi Casey,
> >
> > On Fri, Feb 26, 2021 at 10:40 PM Olga Kornievskaia
> > <olga.kornievskaia@gmail.com> wrote:
> >> From: Olga Kornievskaia <kolga@netapp.com>
> >>
> >> Add a new hook that takes an existing super block and a new mount
> >> with new options and determines if new options confict with an
> >> existing mount or not.
> >>
> >> A filesystem can use this new hook to determine if it can share
> >> the an existing superblock with a new superblock for the new mount.
> >>
> >> Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
> > Do you have any other thoughts on this patch? I'm also wondering how
> > you want to handle sending it upstream.
>
> James Morris is the maintainer for the security sub-system,
> so you'll want to send this through him. He will want you to
> have an ACK from Paul Moore, who is the SELinux maintainer.

In the past I've pulled patches such as this (new LSM hook, with only
a SELinux implementation of the new hook) in via the selinux/next tree
after the other LSMs have ACK'd the new hook.  This helps limit merge
problems with other SELinux changes and allows us (the SELinux folks)
to include it in the ongoing testing that we do during the -rcX
releases.

So Anna, if you or anyone else on the NFS side of the house want to
add your ACKs/REVIEWs/etc. please do so as I don't like merging
patches that cross subsystem boundaries without having all the
associated ACKs.  Casey, James, and other LSM folks please do the
same.

-- 
paul moore
www.paul-moore.com