Re: [PATCH v3 04/15] selinux: Refactor to remove bprm_secureexec hook

2017-07-21 Thread Paul Moore
On Fri, Jul 21, 2017 at 1:37 PM, Kees Cook wrote: > On Fri, Jul 21, 2017 at 8:40 AM, Paul Moore wrote: >> On Thu, Jul 20, 2017 at 4:42 PM, Paul Moore wrote: >>> On Thu, Jul 20, 2017 at 1:06 PM, Kees Cook

Re: [PATCH v3 04/15] selinux: Refactor to remove bprm_secureexec hook

2017-07-21 Thread Paul Moore
On Fri, Jul 21, 2017 at 1:37 PM, Kees Cook wrote: > On Fri, Jul 21, 2017 at 8:40 AM, Paul Moore wrote: >> On Thu, Jul 20, 2017 at 4:42 PM, Paul Moore wrote: >>> On Thu, Jul 20, 2017 at 1:06 PM, Kees Cook wrote: On Thu, Jul 20, 2017 at 6:42 AM, Paul Moore wrote: > Alternatively, if

Re: [PATCH v3 04/15] selinux: Refactor to remove bprm_secureexec hook

2017-07-21 Thread Kees Cook
On Fri, Jul 21, 2017 at 8:40 AM, Paul Moore wrote: > On Thu, Jul 20, 2017 at 4:42 PM, Paul Moore wrote: >> On Thu, Jul 20, 2017 at 1:06 PM, Kees Cook wrote: >>> On Thu, Jul 20, 2017 at 6:42 AM, Paul Moore

Re: [PATCH v3 04/15] selinux: Refactor to remove bprm_secureexec hook

2017-07-21 Thread Kees Cook
On Fri, Jul 21, 2017 at 8:40 AM, Paul Moore wrote: > On Thu, Jul 20, 2017 at 4:42 PM, Paul Moore wrote: >> On Thu, Jul 20, 2017 at 1:06 PM, Kees Cook wrote: >>> On Thu, Jul 20, 2017 at 6:42 AM, Paul Moore wrote: Alternatively, if you've got a fairly recent git repo with all the

Re: [PATCH v3 04/15] selinux: Refactor to remove bprm_secureexec hook

2017-07-21 Thread Paul Moore
On Thu, Jul 20, 2017 at 4:42 PM, Paul Moore wrote: > On Thu, Jul 20, 2017 at 1:06 PM, Kees Cook wrote: >> On Thu, Jul 20, 2017 at 6:42 AM, Paul Moore wrote: >>> Alternatively, if you've got a fairly recent git repo with all the

Re: [PATCH v3 04/15] selinux: Refactor to remove bprm_secureexec hook

2017-07-21 Thread Paul Moore
On Thu, Jul 20, 2017 at 4:42 PM, Paul Moore wrote: > On Thu, Jul 20, 2017 at 1:06 PM, Kees Cook wrote: >> On Thu, Jul 20, 2017 at 6:42 AM, Paul Moore wrote: >>> Alternatively, if you've got a fairly recent git repo with all the >>> patches merged I can build a test kernel and give it a shot for

Re: [PATCH v3 04/15] selinux: Refactor to remove bprm_secureexec hook

2017-07-20 Thread Paul Moore
On Thu, Jul 20, 2017 at 1:06 PM, Kees Cook wrote: > On Thu, Jul 20, 2017 at 6:42 AM, Paul Moore wrote: >> Alternatively, if you've got a fairly recent git repo with all the >> patches merged I can build a test kernel and give it a shot for you, >>

Re: [PATCH v3 04/15] selinux: Refactor to remove bprm_secureexec hook

2017-07-20 Thread Paul Moore
On Thu, Jul 20, 2017 at 1:06 PM, Kees Cook wrote: > On Thu, Jul 20, 2017 at 6:42 AM, Paul Moore wrote: >> Alternatively, if you've got a fairly recent git repo with all the >> patches merged I can build a test kernel and give it a shot for you, >> although fair warning it may take a day or two

Re: [PATCH v3 04/15] selinux: Refactor to remove bprm_secureexec hook

2017-07-20 Thread Kees Cook
On Thu, Jul 20, 2017 at 6:42 AM, Paul Moore wrote: > Alternatively, if you've got a fairly recent git repo with all the > patches merged I can build a test kernel and give it a shot for you, > although fair warning it may take a day or two for me to get to it. Hurm, I think

Re: [PATCH v3 04/15] selinux: Refactor to remove bprm_secureexec hook

2017-07-20 Thread Kees Cook
On Thu, Jul 20, 2017 at 6:42 AM, Paul Moore wrote: > Alternatively, if you've got a fairly recent git repo with all the > patches merged I can build a test kernel and give it a shot for you, > although fair warning it may take a day or two for me to get to it. Hurm, I think this will take quite

Re: [PATCH v3 04/15] selinux: Refactor to remove bprm_secureexec hook

2017-07-20 Thread Paul Moore
On Wed, Jul 19, 2017 at 9:37 PM, Kees Cook wrote: > On Wed, Jul 19, 2017 at 5:19 PM, Paul Moore wrote: >> On Wed, Jul 19, 2017 at 8:03 PM, Paul Moore wrote: >>> On Tue, Jul 18, 2017 at 6:25 PM, Kees Cook

Re: [PATCH v3 04/15] selinux: Refactor to remove bprm_secureexec hook

2017-07-20 Thread Paul Moore
On Wed, Jul 19, 2017 at 9:37 PM, Kees Cook wrote: > On Wed, Jul 19, 2017 at 5:19 PM, Paul Moore wrote: >> On Wed, Jul 19, 2017 at 8:03 PM, Paul Moore wrote: >>> On Tue, Jul 18, 2017 at 6:25 PM, Kees Cook wrote: The SELinux bprm_secureexec hook can be merged with the bprm_set_creds

Re: [PATCH v3 04/15] selinux: Refactor to remove bprm_secureexec hook

2017-07-19 Thread Kees Cook
On Wed, Jul 19, 2017 at 5:19 PM, Paul Moore wrote: > On Wed, Jul 19, 2017 at 8:03 PM, Paul Moore wrote: >> On Tue, Jul 18, 2017 at 6:25 PM, Kees Cook wrote: >>> The SELinux bprm_secureexec hook can be merged with the

Re: [PATCH v3 04/15] selinux: Refactor to remove bprm_secureexec hook

2017-07-19 Thread Kees Cook
On Wed, Jul 19, 2017 at 5:19 PM, Paul Moore wrote: > On Wed, Jul 19, 2017 at 8:03 PM, Paul Moore wrote: >> On Tue, Jul 18, 2017 at 6:25 PM, Kees Cook wrote: >>> The SELinux bprm_secureexec hook can be merged with the bprm_set_creds >>> hook since it's dealing with the same information, and all

Re: [PATCH v3 04/15] selinux: Refactor to remove bprm_secureexec hook

2017-07-19 Thread Paul Moore
On Wed, Jul 19, 2017 at 8:03 PM, Paul Moore wrote: > On Tue, Jul 18, 2017 at 6:25 PM, Kees Cook wrote: >> The SELinux bprm_secureexec hook can be merged with the bprm_set_creds >> hook since it's dealing with the same information, and all of the

Re: [PATCH v3 04/15] selinux: Refactor to remove bprm_secureexec hook

2017-07-19 Thread Paul Moore
On Wed, Jul 19, 2017 at 8:03 PM, Paul Moore wrote: > On Tue, Jul 18, 2017 at 6:25 PM, Kees Cook wrote: >> The SELinux bprm_secureexec hook can be merged with the bprm_set_creds >> hook since it's dealing with the same information, and all of the details >> are finalized during the first call to

Re: [PATCH v3 04/15] selinux: Refactor to remove bprm_secureexec hook

2017-07-19 Thread Paul Moore
On Tue, Jul 18, 2017 at 6:25 PM, Kees Cook wrote: > The SELinux bprm_secureexec hook can be merged with the bprm_set_creds > hook since it's dealing with the same information, and all of the details > are finalized during the first call to the bprm_set_creds hook via >

Re: [PATCH v3 04/15] selinux: Refactor to remove bprm_secureexec hook

2017-07-19 Thread Paul Moore
On Tue, Jul 18, 2017 at 6:25 PM, Kees Cook wrote: > The SELinux bprm_secureexec hook can be merged with the bprm_set_creds > hook since it's dealing with the same information, and all of the details > are finalized during the first call to the bprm_set_creds hook via > prepare_binprm()

[PATCH v3 04/15] selinux: Refactor to remove bprm_secureexec hook

2017-07-18 Thread Kees Cook
The SELinux bprm_secureexec hook can be merged with the bprm_set_creds hook since it's dealing with the same information, and all of the details are finalized during the first call to the bprm_set_creds hook via prepare_binprm() (subsequent calls due to binfmt_script, etc, are ignored via

[PATCH v3 04/15] selinux: Refactor to remove bprm_secureexec hook

2017-07-18 Thread Kees Cook
The SELinux bprm_secureexec hook can be merged with the bprm_set_creds hook since it's dealing with the same information, and all of the details are finalized during the first call to the bprm_set_creds hook via prepare_binprm() (subsequent calls due to binfmt_script, etc, are ignored via