Re: [dm-devel] [PATCH 15/29] NFSD: dynamically allocate the nfsd-client shrinker

ead-side critical > section when releasing the struct nfsd_net. > > Signed-off-by: Qi Zheng For 15/29 and 16/29 of this series: Acked-by: Chuck Lever > --- > fs/nfsd/netns.h | 2 +- > fs/nfsd/nfs4state.c | 20 > 2 files changed, 13 insertions(+), 9

Re: [dm-devel] [RFC PATCH v5 00/11] Integrity Policy Enforcement LSM (IPE)

> On Aug 13, 2020, at 11:10 AM, James Bottomley > wrote: > > On Thu, 2020-08-13 at 10:42 -0400, Chuck Lever wrote: >>> On Aug 12, 2020, at 11:51 AM, James Bottomley >> enPartnership.com> wrote: >>> On Wed, 2020-08-12 at 10:15 -0400, Chuck Lever wr

Re: [dm-devel] [RFC PATCH v5 00/11] Integrity Policy Enforcement LSM (IPE)

> On Aug 12, 2020, at 11:51 AM, James Bottomley > wrote: > > On Wed, 2020-08-12 at 10:15 -0400, Chuck Lever wrote: >>> On Aug 11, 2020, at 11:53 AM, James Bottomley >>> wrote: >>> >>> On Tue, 2020-08-11 at 10:48 -0400, Chuck Lever wrote:

Re: [dm-devel] [RFC PATCH v5 00/11] Integrity Policy Enforcement LSM (IPE)

> On Aug 13, 2020, at 10:42 AM, James Bottomley > wrote: > > On Thu, 2020-08-13 at 10:21 -0400, Chuck Lever wrote: >>> On Aug 12, 2020, at 11:42 AM, James Bottomley >> enPartnership.com> wrote: > [...] >>> For most people the security mechanism of

Re: [dm-devel] [RFC PATCH v5 00/11] Integrity Policy Enforcement LSM (IPE)

> On Aug 11, 2020, at 11:32 AM, James Bottomley > wrote: > > On Tue, 2020-08-11 at 10:48 -0400, Chuck Lever wrote: >>> On Aug 11, 2020, at 1:43 AM, James Bottomley >>> wrote: >>> On Mon, 2020-08-10 at 19:36 -0400, Chuck Lever wrote: > [...] >>

Re: [dm-devel] [RFC PATCH v5 00/11] Integrity Policy Enforcement LSM (IPE)

> On Aug 11, 2020, at 11:53 AM, James Bottomley > wrote: > > On Tue, 2020-08-11 at 10:48 -0400, Chuck Lever wrote: >>> On Aug 11, 2020, at 1:43 AM, James Bottomley >> nPartnership.com> wrote: >>> >>> On Mon, 2020-08-10 at 19:36 -0400, Chuck

Re: [dm-devel] [RFC PATCH v5 00/11] Integrity Policy Enforcement LSM (IPE)

> On Aug 11, 2020, at 2:28 PM, James Bottomley > wrote: > > On Tue, 2020-08-11 at 10:48 -0400, Chuck Lever wrote: >> Mimi's earlier point is that any IMA metadata format that involves >> unsigned digests is exposed to an alteration attack at rest or in >&g

Re: [dm-devel] [RFC PATCH v5 00/11] Integrity Policy Enforcement LSM (IPE)

> On Aug 11, 2020, at 5:03 PM, James Morris wrote: > > On Sat, 8 Aug 2020, Chuck Lever wrote: > >> My interest is in code integrity enforcement for executables stored >> in NFS files. >> >> My struggle with IPE is that due to its dependence on dm-ve

Re: [dm-devel] [RFC PATCH v5 00/11] Integrity Policy Enforcement LSM (IPE)

> On Aug 12, 2020, at 11:42 AM, James Bottomley > wrote: > > On Wed, 2020-08-12 at 09:56 -0400, Chuck Lever wrote: >>> On Aug 11, 2020, at 2:28 PM, James Bottomley >> nPartnership.com> wrote: >>> >>> On Tue, 2020-08-11 at 10:48 -0400, Chuck Le

Re: [dm-devel] [RFC PATCH v5 00/11] Integrity Policy Enforcement LSM (IPE)

> On Aug 11, 2020, at 1:43 AM, James Bottomley > wrote: > > On Mon, 2020-08-10 at 19:36 -0400, Chuck Lever wrote: >>> On Aug 10, 2020, at 11:35 AM, James Bottomley >>> wrote: >>> On Sun, 2020-08-09 at 13:16 -0400, Mimi Zohar wrote: >>>> O

Re: [dm-devel] [RFC PATCH v5 00/11] Integrity Policy Enforcement LSM (IPE)

> On Aug 10, 2020, at 11:35 AM, James Bottomley > wrote: > > On Sun, 2020-08-09 at 13:16 -0400, Mimi Zohar wrote: >> On Sat, 2020-08-08 at 13:47 -0400, Chuck Lever wrote: >>>> On Aug 5, 2020, at 2:15 PM, Mimi Zohar >>>> wrote: >> >>

Re: [dm-devel] [RFC PATCH v5 00/11] Integrity Policy Enforcement LSM (IPE)

> On Aug 5, 2020, at 2:15 PM, Mimi Zohar wrote: > > On Wed, 2020-08-05 at 09:59 -0700, James Morris wrote: >> On Wed, 5 Aug 2020, James Bottomley wrote: >> >>> I'll leave Mimi to answer, but really this is exactly the question that >>> should have been asked before writing IPE. However, sinc