lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 04 Jun 2018 10:03:45 -0400
From:   Mimi Zohar <zohar@...ux.vnet.ibm.com>
To:     Casey Schaufler <casey@...aufler-ca.com>,
        James Morris <james.l.morris@...cle.com>,
        Kees Cook <keescook@...omium.org>,
        Paul Moore <paul@...l-moore.com>,
        "Serge E. Hallyn" <serge@...lyn.com>
Cc:     linux-integrity <linux-integrity@...r.kernel.org>,
        linux-security-module@...r.kernel.org,
        linux-kernel@...r.kernel.org, David Howells <dhowells@...hat.com>,
        "Luis R . Rodriguez" <mcgrof@...nel.org>,
        Eric Biederman <ebiederm@...ssion.com>,
        kexec@...ts.infradead.org, Andres Rodriguez <andresx7@...il.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Ard Biesheuvel <ard.biesheuvel@...aro.org>,
        Jessica Yu <jeyu@...nel.org>
Subject: Re: [PATCH v4 0/8] kexec/firmware: support system wide policy
 requiring signatures

On Tue, 2018-05-29 at 14:01 -0400, Mimi Zohar wrote:
> Instead of adding the security_kernel_read_file LSM hook - or defining a
> wrapper for security_kernel_read_file LSM hook and adding it, or
> renaming the existing hook to security_kernel_read_data() and adding it
> - in places where the kernel isn't reading a file, this version of the
> patch set defines a new LSM hook named security_kernel_load_data().
> 
> The new LSM hook does not replace the existing security_kernel_read_file
> LSM hook, which is still needed, but defines a new LSM hook allowing
> LSMs and IMA-appraisal the opportunity to fail loading userspace
> provided file/data.
> 
> The only difference between the two LSM hooks is the LSM hook name and a
> file descriptor.  Whether this is cause enough for requiring a new LSM
> hook, is left to the security community.

Paul does not have a preference as to adding a new LSM hook or calling
the existing hook.  Either way is fine, as long as both the new and
existing hooks call the existing function.

Casey didn't like the idea of a wrapper.
James suggested renaming the LSM hook.

The maintainers for the callers of the LSM hook prefer a meaningful
LSM hook name.  The "null" argument is not as much of a concern.  Only
Eric seems to be asking for a separate, new LSM hook, without the
"null" argument.

Unless someone really objects, to accommodate Eric we'll define a new
LSM hook named security_kernel_load_data.  Eric, are you planning on
Ack'ing patches 1 & 2?

Mimi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ