* [RFC PATCH] MAINTAINERS: add an explicit credentials entry
From: Paul Moore @ 2025-03-04 22:23 UTC
  To: linux-kernel, linux-security-module

The lack of an explicit credential (kernel/cred.c) entry has caused
confusion in the past among new, and not-so-new developers, about where
to send credential patches for discussion and merging.  Those patches
that are sent can often rot on the mailing lists for months as there
is no clear maintainer tasked with reviewing and merging patches.

I'm volunteering for the cred maintainer role to try and reduce the
confusion and help cred patches find their way up to Linus' tree.  As
there generally aren't a lot of cred patches I'll start with simply
folding them into the LSM tree, but if this changes I'll set up a
dedicated cred tree.

Signed-off-by: Paul Moore <paul@paul-moore.com>
---
 MAINTAINERS | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/MAINTAINERS b/MAINTAINERS
index 896a307fa065..68e4656c15ea 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -6139,6 +6139,14 @@ L:	linux-input@vger.kernel.org
 S:	Maintained
 F:	drivers/hid/hid-creative-sb0540.c
 
+CREDENTIALS
+M:	Paul Moore <paul@paul-moore.com>
+L:	linux-security-module@vger.kernel.org
+S:	Supported
+T:	git https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git
+F:	include/linux/cred.h
+F:	kernel/cred.c
+
 INTEL CRPS COMMON REDUNDANT PSU DRIVER
 M:	Ninad Palsule <ninad@linux.ibm.com>
 L:	linux-hwmon@vger.kernel.org
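
Review bot: The F: patterns in the new CREDENTIALS entry cover only include/linux/cred.h and kernel/cred.c, so changes to the credentials documentation would still have no listed owner. Consider adding "F: Documentation/security/credentials.rst" so that documentation patches for the prepare_creds()/commit_creds()/abort_creds() API are routed to the same maintainer and list as the code.
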
-- 
2.48.1



* Re: [RFC PATCH] MAINTAINERS: add an explicit credentials entry
From: Paul Moore @ 2025-03-07 17:13 UTC
  To: linux-kernel, linux-security-module

On Tue, Mar 4, 2025 at 5:23 PM Paul Moore <paul@paul-moore.com> wrote:
>
> The lack of an explicit credential (kernel/cred.c) entry has caused
> confusion in the past among new, and not-so-new developers, about where
> to send credential patches for discussion and merging.  Those patches
> that are sent can often rot on the mailing lists for months as there
> is no clear maintainer tasked with reviewing and merging patches.
>
> I'm volunteering for the cred maintainer role to try and reduce the
> confusion and help cred patches find their way up to Linus' tree.  As
> there generally aren't a lot of cred patches I'll start with simply
> folding them into the LSM tree, but if this changes I'll set up a
> dedicated cred tree.
>
> Signed-off-by: Paul Moore <paul@paul-moore.com>
> ---
>  MAINTAINERS | 8 ++++++++
>  1 file changed, 8 insertions(+)

I haven't seen any objections, or any other volunteers, so I'm going
to go ahead and merge this to send up to Linus during the upcoming
merge window.

> diff --git a/MAINTAINERS b/MAINTAINERS
> index 896a307fa065..68e4656c15ea 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -6139,6 +6139,14 @@ L:       linux-input@vger.kernel.org
>  S:     Maintained
>  F:     drivers/hid/hid-creative-sb0540.c
>
> +CREDENTIALS
> +M:     Paul Moore <paul@paul-moore.com>
> +L:     linux-security-module@vger.kernel.org
> +S:     Supported
> +T:     git https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git
> +F:     include/linux/cred.h
> +F:     kernel/cred.c
> +
>  INTEL CRPS COMMON REDUNDANT PSU DRIVER
>  M:     Ninad Palsule <ninad@linux.ibm.com>
>  L:     linux-hwmon@vger.kernel.org
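
Review bot: The S: line of the new entry says Supported, which the MAINTAINERS legend defines as someone being paid to look after the area, while the commit message describes the role as volunteered. It is worth confirming that this is the intended status; if not, "S: Maintained", as used by the entry just above the insertion point, would describe the arrangement more accurately.
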
> --
> 2.48.1

-- 
paul-moore.com


* Re: [RFC PATCH] MAINTAINERS: add an explicit credentials entry
From: sergeh @ 2025-03-08  2:47 UTC
  To: Paul Moore; +Cc: linux-kernel, linux-security-module

On Fri, Mar 07, 2025 at 12:13:08PM -0500, Paul Moore wrote:
> On Tue, Mar 4, 2025 at 5:23 PM Paul Moore <paul@paul-moore.com> wrote:
> >
> > The lack of an explicit credential (kernel/cred.c) entry has caused
> > confusion in the past among new, and not-so-new developers, about where
> > to send credential patches for discussion and merging.  Those patches
> > that are sent can often rot on the mailing lists for months as there
> > is no clear maintainer tasked with reviewing and merging patches.
> >
> > I'm volunteering for the cred maintainer role to try and reduce the
> > confusion and help cred patches find their way up to Linus' tree.  As
> > there generally aren't a lot of cred patches I'll start with simply
> > folding them into the LSM tree, but if this changes I'll set up a
> > dedicated cred tree.
> >
> > Signed-off-by: Paul Moore <paul@paul-moore.com>
> > ---
> >  MAINTAINERS | 8 ++++++++
> >  1 file changed, 8 insertions(+)
> 
> I haven't seen any objections, or any other volunteers, so I'm going
> to go ahead and merge this to send up to Linus during the upcoming
> merge window.

Sorry, I managed to not take my personal laptop charger with me
on a trip this week, fell behind.

I'm very happy with you as the maintainer, but I do volunteer to
try and step in here, if that works.

> > diff --git a/MAINTAINERS b/MAINTAINERS
> > index 896a307fa065..68e4656c15ea 100644
> > --- a/MAINTAINERS
> > +++ b/MAINTAINERS
> > @@ -6139,6 +6139,14 @@ L:       linux-input@vger.kernel.org
> >  S:     Maintained
> >  F:     drivers/hid/hid-creative-sb0540.c
> >
> > +CREDENTIALS
> > +M:     Paul Moore <paul@paul-moore.com>
> > +L:     linux-security-module@vger.kernel.org
> > +S:     Supported
> > +T:     git https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git
> > +F:     include/linux/cred.h
> > +F:     kernel/cred.c
> > +
> >  INTEL CRPS COMMON REDUNDANT PSU DRIVER
> >  M:     Ninad Palsule <ninad@linux.ibm.com>
> >  L:     linux-hwmon@vger.kernel.org
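
Review bot: The new entry carries a single M: line and no R: line, for files where, per the commit message, patches have sat on the lists for months without review. Consider listing a second maintainer or a reviewer so that review of kernel/cred.c and include/linux/cred.h does not depend on one person's availability.
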
> > --
> > 2.48.1
> 
> -- 
> paul-moore.com


* Re: [RFC PATCH] MAINTAINERS: add an explicit credentials entry
From: Paul Moore @ 2025-03-08 17:01 UTC
  To: sergeh; +Cc: linux-kernel, linux-security-module

On Fri, Mar 7, 2025 at 9:47 PM <sergeh@kernel.org> wrote:
> On Fri, Mar 07, 2025 at 12:13:08PM -0500, Paul Moore wrote:
> > On Tue, Mar 4, 2025 at 5:23 PM Paul Moore <paul@paul-moore.com> wrote:
> > >
> > > The lack of an explicit credential (kernel/cred.c) entry has caused
> > > confusion in the past among new, and not-so-new developers, about where
> > > to send credential patches for discussion and merging.  Those patches
> > > that are sent can often rot on the mailing lists for months as there
> > > is no clear maintainer tasked with reviewing and merging patches.
> > >
> > > I'm volunteering for the cred maintainer role to try and reduce the
> > > confusion and help cred patches find their way up to Linus' tree.  As
> > > there generally aren't a lot of cred patches I'll start with simply
> > > > folding them into the LSM tree, but if this changes I'll set up a
> > > dedicated cred tree.
> > >
> > > Signed-off-by: Paul Moore <paul@paul-moore.com>
> > > ---
> > >  MAINTAINERS | 8 ++++++++
> > >  1 file changed, 8 insertions(+)
> >
> > I haven't seen any objections, or any other volunteers, so I'm going
> > to go ahead and merge this to send up to Linus during the upcoming
> > merge window.
>
> Sorry, I managed to not take my personal laptop charger with me
> on a trip this week, fell behind.
>
> I'm very happy with you as the maintainer, but I do volunteer to
> try and step in here, if that works.

Thanks.  Send a patch adding yourself as either a maintainer or
reviewer, whichever you prefer, and I'll happily merge it.  For
reference, I've merged the patch in this thread into the lsm/dev tree.

-- 
paul-moore.com


* Re: [RFC PATCH] MAINTAINERS: add an explicit credentials entry
From: Günther Noack @ 2025-03-09 11:12 UTC
  To: Paul Moore; +Cc: linux-kernel, linux-security-module

Hello Paul and Serge!

On Tue, Mar 04, 2025 at 05:23:05PM -0500, Paul Moore wrote:
> The lack of an explicit credential (kernel/cred.c) entry has caused
> confusion in the past among new, and not-so-new developers, about where
> to send credential patches for discussion and merging.  Those patches
> that are sent can often rot on the mailing lists for months as there
> is no clear maintainer tasked with reviewing and merging patches.
> 
> I'm volunteering for the cred maintainer role to try and reduce the
> confusion and help cred patches find their way up to Linus' tree.  As
> there generally aren't a lot of cred patches I'll start with simply
> folding them into the LSM tree, but if this changes I'll set up a
> dedicated cred tree.
> 
> Signed-off-by: Paul Moore <paul@paul-moore.com>
> ---
>  MAINTAINERS | 8 ++++++++
>  1 file changed, 8 insertions(+)
> 
> diff --git a/MAINTAINERS b/MAINTAINERS
> index 896a307fa065..68e4656c15ea 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -6139,6 +6139,14 @@ L:	linux-input@vger.kernel.org
>  S:	Maintained
>  F:	drivers/hid/hid-creative-sb0540.c
>  
> +CREDENTIALS
> +M:	Paul Moore <paul@paul-moore.com>
> +L:	linux-security-module@vger.kernel.org
> +S:	Supported
> +T:	git https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git
> +F:	include/linux/cred.h
> +F:	kernel/cred.c

Maybe also add the documentation:

+F:	Documentation/security/credentials.rst

This documents the prepare_creds()/commit_creds()/abort_creds()
"transactional" API that tasks should use to change credentials.

> +
>  INTEL CRPS COMMON REDUNDANT PSU DRIVER
>  M:	Ninad Palsule <ninad@linux.ibm.com>
>  L:	linux-hwmon@vger.kernel.org
> -- 
> 2.48.1
> 

Acked-by: Günther Noack <gnoack3000@gmail.com>

Thank you both for stepping up to establish a clearer ownership for
credentials!  There is a need for authoritative decisions in that
area, and it has been difficult to find the right contacts for
credentials on earlier patches as well, such as:

https://lore.kernel.org/all/20240805-remove-cred-transfer-v2-0-a2aa1d45e6b8@google.com/
(patch by Jann Horn: "get rid of cred_transfer")

https://lore.kernel.org/all/20250221184417.27954-2-gnoack3000@gmail.com/
(patch by me, multithreaded Landlock enablement)

Thanks,
–Günther


* Re: [RFC PATCH] MAINTAINERS: add an explicit credentials entry
From: Paul Moore @ 2025-03-10 20:29 UTC
  To: Günther Noack; +Cc: linux-kernel, linux-security-module

On Sun, Mar 9, 2025 at 7:12 AM Günther Noack <gnoack3000@gmail.com> wrote:
>
> Hello Paul and Serge!
>
> On Tue, Mar 04, 2025 at 05:23:05PM -0500, Paul Moore wrote:
> > The lack of an explicit credential (kernel/cred.c) entry has caused
> > confusion in the past among new, and not-so-new developers, about where
> > to send credential patches for discussion and merging.  Those patches
> > that are sent can often rot on the mailing lists for months as there
> > is no clear maintainer tasked with reviewing and merging patches.
> >
> > I'm volunteering for the cred maintainer role to try and reduce the
> > confusion and help cred patches find their way up to Linus' tree.  As
> > there generally aren't a lot of cred patches I'll start with simply
> > folding them into the LSM tree, but if this changes I'll set up a
> > dedicated cred tree.
> >
> > Signed-off-by: Paul Moore <paul@paul-moore.com>
> > ---
> >  MAINTAINERS | 8 ++++++++
> >  1 file changed, 8 insertions(+)
> >
> > diff --git a/MAINTAINERS b/MAINTAINERS
> > index 896a307fa065..68e4656c15ea 100644
> > --- a/MAINTAINERS
> > +++ b/MAINTAINERS
> > @@ -6139,6 +6139,14 @@ L:     linux-input@vger.kernel.org
> >  S:   Maintained
> >  F:   drivers/hid/hid-creative-sb0540.c
> >
> > +CREDENTIALS
> > +M:   Paul Moore <paul@paul-moore.com>
> > +L:   linux-security-module@vger.kernel.org
> > +S:   Supported
> > +T:   git https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git
> > +F:   include/linux/cred.h
> > +F:   kernel/cred.c
>
> Maybe also add the documentation:
>
> +F:     Documentation/security/credentials.rst
>
> This documents the prepare_creds()/commit_creds()/abort_creds()
> "transactional" API that tasks should use to change credentials.

Thanks.  Serge already posted a patch to add the doc page, we should be all set.

> Acked-by: Günther Noack <gnoack3000@gmail.com>
>
> Thank you both for stepping up to establish a clearer ownership for
> credentials!  There is a need for authoritative decisions in that
> area, and it has been difficult to find the right contacts for
> credentials on earlier patches as well, such as:
>
> https://lore.kernel.org/all/20240805-remove-cred-transfer-v2-0-a2aa1d45e6b8@google.com/
> (patch by Jann Horn: "get rid of cred_transfer")
>
> https://lore.kernel.org/all/20250221184417.27954-2-gnoack3000@gmail.com/
> (patch by me, multithreaded Landlock enablement)

Yeah, the cred_transfer/keyctl issue is particularly nasty and needs
to be revisited.  If memory serves there was still a compatibility
issue with Jann's patch, but we may want to consider merging that into
-next just to see if userspace still cares.  It's on my todo list to
take a closer look when I have the time.

-- 
paul-moore.com
