[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CACdnJusxhsYenacOEJkDXqVC13qoEd5eNXDgxWT_x8tz4bV5cQ@mail.gmail.com>
Date: Fri, 21 Jun 2019 12:27:46 -0700
From: Matthew Garrett <mjg59@...gle.com>
To: Andy Lutomirski <luto@...nel.org>
Cc: James Morris <jmorris@...ei.org>, linux-security@...r.kernel.org,
LKML <linux-kernel@...r.kernel.org>,
Linux API <linux-api@...r.kernel.org>
Subject: Re: [PATCH V33 01/30] security: Support early LSMs
On Thu, Jun 20, 2019 at 10:23 PM Andy Lutomirski <luto@...nel.org> wrote:
>
> On Thu, Jun 20, 2019 at 6:22 PM Matthew Garrett
> <matthewgarrett@...gle.com> wrote:
> >
> > The lockdown module is intended to allow for kernels to be locked down
> > early in boot - sufficiently early that we don't have the ability to
> > kmalloc() yet. Add support for early initialisation of some LSMs, and
> > then add them to the list of names when we do full initialisation later.
>
> I'm confused. What does it even mean to lock down the kernel before
> we're ready to run userspace code? We can't possibly be attacked by
> user code before there is any to attack us.
Certain kernel parameters can be disabled by lockdown, so we want to
have policy available before that parsing happens.
Powered by blists - more mailing lists