From: Paul Moore <paul@paul-moore.com>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [GIT PULL] lsm/lsm-pr-20260203
Date: Tue, 03 Feb 2026 23:10:44 -0500 [thread overview]
Message-ID: <d6f1f788f25b30ddc05703b97146f6ad@paul-moore.com> (raw)
Linus,
This is a bit early, but due to some personal scheduling I'd rather send
this to you now, and you always mention you prefer to get pull requests
early (perhaps not this early?) so here is hoping this is a win-win.
Here are the highlights for the LSM changes queued for the Linux v7.0
merge window:
- Unify the security_inode_listsecurity() calls in NFSv4
While looking at security_inode_listsecurity() with an eye towards
improving the interface, we realized that the NFSv4 code was making
multiple calls to the LSM hook that could be consolidated into one. We
attempted to engage the NFS folks on this multiple times over several
months to get input, ACKs, etc. but never recieved any comments. While
this commit does touch NFS code exclusively, it is directly related to
the LSM hook, so I've gone and merged the commit into the LSM tree. It
has been in linux-next for almost a full month without any comments or
complaints from the NFS folks.
- Mark the LSM static branch keys as static
This helps resolve some sparse warnings.
- Add __rust_helper annotations to the LSM and cred wrapper functions.
- Remove the unsused set_security_override_from_ctx() function
- Minor fixes to some of the LSM kdoc comment blocks
Paul
--
The following changes since commit 8f0b4cce4481fb22653697cced8d0d04027cb1e8:
Linux 6.19-rc1 (2025-12-14 16:05:07 +1200)
are available in the Git repository at:
https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git
tags/lsm-pr-20260203
for you to fetch changes up to 472711068fa950642b9b471aaebcc82e9930eb8c:
lsm: make keys for static branch static (2026-01-06 20:57:55 -0500)
----------------------------------------------------------------
lsm/stable-7.0 PR 20260203
----------------------------------------------------------------
Alice Ryhl (2):
rust: cred: add __rust_helper to helpers
rust: security: add __rust_helper to helpers
Ben Dooks (1):
lsm: make keys for static branch static
Casey Schaufler (1):
cred: remove unused set_security_override_from_ctx()
Randy Dunlap (1):
lsm: fix kernel-doc struct member names
Stephen Smalley (1):
nfs: unify security_inode_listsecurity() calls
fs/nfs/nfs4proc.c | 38 +++-----------------------------------
include/linux/cred.h | 1 -
include/linux/lsm_hooks.h | 4 ++--
kernel/cred.c | 23 -----------------------
rust/helpers/cred.c | 4 ++--
rust/helpers/security.c | 26 +++++++++++++++-----------
security/security.c | 2 +-
7 files changed, 23 insertions(+), 75 deletions(-)
--
paul-moore.com
next reply other threads:[~2026-02-04 4:10 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-04 4:10 Paul Moore [this message]
2026-02-10 0:50 ` [GIT PULL] lsm/lsm-pr-20260203 pr-tracker-bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d6f1f788f25b30ddc05703b97146f6ad@paul-moore.com \
--to=paul@paul-moore.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox