Re: [RFC v3 07/22] landlock: Handle file comparisons

On Wed, Sep 14, 2016 at 12:24 AM, Mickaël Salaün wrote: > Add eBPF functions to compare file system access with a Landlock file > system handle: > * bpf_landlock_cmp_fs_prop_with_struct_file(prop, map, map_op, file) > This function allows to compare the dentry, inode, device

Re: lsm naming dilemma. Re: [RFC v3 07/22] landlock: Handle file comparisons

On 20/09/2016 03:10, Sargun Dhillon wrote: > I'm fine giving up the Checmate name. Landlock seems easy enough to > Google. I haven't gotten a chance to look through the entire patchset > yet, but it does seem like they are somewhat similar. Excellent! I'm looking forward for your review. > >

Re: lsm naming dilemma. Re: [RFC v3 07/22] landlock: Handle file comparisons

I'm fine giving up the Checmate name. Landlock seems easy enough to Google. I haven't gotten a chance to look through the entire patchset yet, but it does seem like they are somewhat similar. On Mon, Sep 19, 2016 at 5:12 PM, Alexei Starovoitov wrote: > On Thu, Sep

lsm naming dilemma. Re: [RFC v3 07/22] landlock: Handle file comparisons

On Thu, Sep 15, 2016 at 11:25:10PM +0200, Mickaël Salaün wrote: > >> Agreed. With this RFC, the Checmate features (i.e. network helpers) > >> should be able to sit on top of Landlock. > > > > I think neither of them should be called fancy names for no technical > > reason. > > We will have only

Re: [RFC v3 07/22] landlock: Handle file comparisons

On 15/09/2016 01:24, Alexei Starovoitov wrote: > On Thu, Sep 15, 2016 at 01:02:22AM +0200, Mickaël Salaün wrote: >>> >>> I would suggest for the next RFC to do minimal 7 patches up to this point >>> with simple example that demonstrates the use case. >>> I would avoid all unpriv stuff and all of

Re: [RFC v3 07/22] landlock: Handle file comparisons

On Thu, Sep 15, 2016 at 01:02:22AM +0200, Mickaël Salaün wrote: > > > > I would suggest for the next RFC to do minimal 7 patches up to this point > > with simple example that demonstrates the use case. > > I would avoid all unpriv stuff and all of seccomp for the next RFC as well, > > otherwise I

Re: [RFC v3 07/22] landlock: Handle file comparisons

On 14/09/2016 23:06, Alexei Starovoitov wrote: > On Wed, Sep 14, 2016 at 09:24:00AM +0200, Mickaël Salaün wrote: >> Add eBPF functions to compare file system access with a Landlock file >> system handle: >> * bpf_landlock_cmp_fs_prop_with_struct_file(prop, map, map_op, file) >> This function

Re: [RFC v3 07/22] landlock: Handle file comparisons

On 14/09/2016 21:07, Jann Horn wrote: > On Wed, Sep 14, 2016 at 09:24:00AM +0200, Mickaël Salaün wrote: >> Add eBPF functions to compare file system access with a Landlock file >> system handle: >> * bpf_landlock_cmp_fs_prop_with_struct_file(prop, map, map_op, file) >> This function allows to

Re: [RFC v3 07/22] landlock: Handle file comparisons

On Wed, Sep 14, 2016 at 09:24:00AM +0200, Mickaël Salaün wrote: > Add eBPF functions to compare file system access with a Landlock file > system handle: > * bpf_landlock_cmp_fs_prop_with_struct_file(prop, map, map_op, file) > This function allows to compare the dentry, inode, device or mount >

Re: [RFC v3 07/22] landlock: Handle file comparisons

On Wed, Sep 14, 2016 at 09:24:00AM +0200, Mickaël Salaün wrote: > Add eBPF functions to compare file system access with a Landlock file > system handle: > * bpf_landlock_cmp_fs_prop_with_struct_file(prop, map, map_op, file) > This function allows to compare the dentry, inode, device or mount >