On Mon, May 19, 2025 at 6:58 PM Paul Moore <paul@xxxxxxxxxxxxxx> wrote: > > When the kernel performs a security relevant operation, such as > verifying the signature on a BPF program, where the result of the > operation serves as input to a policy decision, system measurement, > audit event, etc. the LSM hook needs to be located after the security > relevant operation takes place so that the hook is able to properly > take into account the state of the event/system and record the actual > result as opposed to an implied result (this is critical for auditing, > measurement, attestation, etc.). > > You explained why you believe the field/hook is not required, but I'm > asking for your *technical*objections*. I understand that you believe > these changes are not required, but as described above, I happen to > disagree and therefore it would be helpful to understand the technical > reasons why you can't accept the field/hook changes. Is there a > technical reason which would prevent such changes, or is it simply a > rejection of the use case and requirements above? Bubbling this back up to the top of your inbox ... -- paul-moore.com
