| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGXu5j+hB3F-HQEdaqU2y-rvzQN=q__KD2ZAFBqkAGNEdwmvrQ@mail.gmail.com>
Date: Thu, 27 Oct 2016 14:34:13 -0700
From: Kees Cook <keescook@...omium.org>
To: Casey Schaufler <casey@...aufler-ca.com>
Cc: LSM <linux-security-module@...r.kernel.org>,
James Morris <jmorris@...ei.org>,
John Johansen <john.johansen@...onical.com>,
Paul Moore <paul@...l-moore.com>,
Stephen Smalley <sds@...ho.nsa.gov>,
Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>,
LKLM <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v6 0/3] LSM: security module information improvements
On Wed, Oct 26, 2016 at 4:56 PM, Casey Schaufler <casey@...aufler-ca.com> wrote:
> Subject: [PATCH v6 0/3] LSM: security module information improvements
>
> Changes from v5:
> Rebased on 4.9-rc2
>
> Changes from v4:
> Use kasprintf instead of kzalloc() ... sprintf in more places.
> More in the documentation.
> Separate module information in contexts with ",". (not yet visible)
>
> Changes from v3:
> Use kasprintf instead of kzalloc() ... sprintf.
>
> Create interfaces that make it possible to deal with process
> attributes in the face of multiple "major" security modules.
>
> Patch 1/3 adds /sys/kernel/security/lsm, which provides
> a list of the active security modules on the system.
>
> $ cat /sys/kernel/security/lsm
> capability,yama,loadpin,smack
>
> Patch 2/3 adds a subdirectory in /proc/.../attr for each
> security module that exports process attribute data. This
> allows a program in easily differentiate between the "current"
> value for Smack and AppArmor.
>
> $ cat /proc/self/attr/smack/current
> System
>
> $ cat /proc/self/attr/apparmor/current
> unconfined
>
> Patch 3/3 adds an interface that provides module identified
> information that otherwise matches the "current" attr.
> This allows a system with multiple modules to provide the
> complete security "context" in one place. A (future) system
> with both Smack and AppArmor might report:
>
> $ cat /proc/self/attr/context
> smack='System',apparmor='unconfined'
>
> Signed-off-by: Casey Schaufler <casey@...aufler-ca.com>
>
> ---
> Documentation/security/LSM.txt | 34 ++++++--
> fs/proc/base.c | 95 +++++++++++++++++++---
> fs/proc/internal.h | 1 +
> include/linux/lsm_hooks.h | 12 +--
> include/linux/security.h | 15 ++--
> security/apparmor/lsm.c | 38 +++++++--
> security/commoncap.c | 3 +-
> security/inode.c | 26 +++++-
> security/loadpin/loadpin.c | 2 +-
> security/security.c | 177 ++++++++++++++++++++++++++++++++++++++++-
> security/selinux/hooks.c | 22 ++++-
> security/smack/smack_lsm.c | 22 ++---
> security/tomoyo/tomoyo.c | 2 +-
> security/yama/yama_lsm.c | 2 +-
> 14 files changed, 395 insertions(+), 56 deletions(-)
>
I remain happy with this. :)
Reviewed-by: Kees Cook <keescook@...omium.org>
(With my LSM parts Acked-by...)
-Kees
--
Kees Cook
Nexus Security
Powered by blists - more mailing lists