From: "Günther Noack" <gnoack3000@gmail.com>
To: Paul Moore <paul@paul-moore.com>
Cc: linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org
Subject: Re: [RFC PATCH] MAINTAINERS: add an explicit credentials entry
Date: Sun, 9 Mar 2025 12:12:39 +0100 [thread overview]
Message-ID: <20250309.5ddca2aac3f6@gnoack.org> (raw)
In-Reply-To: <20250304222304.214704-2-paul@paul-moore.com>
Hello Paul and Serge!
On Tue, Mar 04, 2025 at 05:23:05PM -0500, Paul Moore wrote:
> The lack of an explicit credential (kernel/cred.c) entry has caused
> confusion in the past among new, and not-so-new developers, about where
> to send credential patches for discussion and merging. Those patches
> that are sent can often rot on the mailing lists for months as there
> is no clear maintainer tasked with reviewing and merging patches.
>
> I'm volunteering for the cred maintainer role to try and reduce the
> confusion and help cred patches find their way up to Linus' tree. As
> there generally aren't a lot of cred patches I'll start with simply
> folding them into the LSM tree, but if this changes I'll setup a
> dedicated cred tree.
>
> Signed-off-by: Paul Moore <paul@paul-moore.com>
> ---
> MAINTAINERS | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/MAINTAINERS b/MAINTAINERS
> index 896a307fa065..68e4656c15ea 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -6139,6 +6139,14 @@ L: linux-input@vger.kernel.org
> S: Maintained
> F: drivers/hid/hid-creative-sb0540.c
>
> +CREDENTIALS
> +M: Paul Moore <paul@paul-moore.com>
> +L: linux-security-module@vger.kernel.org
> +S: Supported
> +T: git https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git
> +F: include/linux/cred.h
> +F: kernel/cred.c
Maybe also add the documentation:
+F: Documentation/security/credentials.rst
This documents the prepare_creds()/commit_creds()/abort_creds()
"transactional" API that tasks should use to change credentials.
> +
> INTEL CRPS COMMON REDUNDANT PSU DRIVER
> M: Ninad Palsule <ninad@linux.ibm.com>
> L: linux-hwmon@vger.kernel.org
> --
> 2.48.1
>
Acked-by: Günther Noack <gnoack3000@gmail.com>
Thank you both for stepping up to establish a clearer ownership for
credentials! There is a need for authoritative decisions in that
area, and it has been difficult to find the right contacts for
credentials on earlier patches as well, such as:
https://lore.kernel.org/all/20240805-remove-cred-transfer-v2-0-a2aa1d45e6b8@google.com/
(patch by Jann Horn: "get rid of cred_transfer")
https://lore.kernel.org/all/20250221184417.27954-2-gnoack3000@gmail.com/
(patch by me, multithreaded Landlock enablement)
Thanks,
–Günther
next prev parent reply other threads:[~2025-03-09 11:12 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-04 22:23 [RFC PATCH] MAINTAINERS: add an explicit credentials entry Paul Moore
2025-03-07 17:13 ` Paul Moore
2025-03-08 2:47 ` sergeh
2025-03-08 17:01 ` Paul Moore
2025-03-09 11:12 ` Günther Noack [this message]
2025-03-10 20:29 ` Paul Moore
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250309.5ddca2aac3f6@gnoack.org \
--to=gnoack3000@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=paul@paul-moore.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).