Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Mandatory Access Control Kernel

From: Christoph Hellwig
Date: Sun Sep 30 2007 - 05:53:36 EST


On Sun, Sep 30, 2007 at 01:16:18AM -0700, Andrew Morton wrote:
> reviewed the August thread from your version 1 submission and the message I
> take away is that the code has been well-received and looks good when
> considered on its own merits, but selinux could probably be configured to
> do something sufficiently similar.
>
> I'd have trouble declaring that "but" to be a reason to not merge smack.
> I'm more thinking "let's merge it and see if people use it".

I'm not sure this was discussed on the list, but as long as Casey doesn't
get rid of the magic symlinks (smackfs_follow_link), there's a clear NACK
from the VFS perspective.

Otherwise the code looks pretty well written, alhough a run through
checkpath.pl to fix the lose end might help. Oh, and please to compile-time
initializations for the spinlocks and mutex currently initializes in
smack_init. Also the -Inet/netlabel looks rather odd, please work with
the netlabel maintainer to move the required files to the include/
hierachy.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/