lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ccf1937cfdcc5bb28dcc7a58785dd0c65d974597.camel@linux.ibm.com>
Date:   Wed, 23 Nov 2022 07:28:19 -0500
From:   Mimi Zohar <zohar@...ux.ibm.com>
To:     Roberto Sassu <roberto.sassu@...weicloud.com>, mark@...heh.com,
        jlbec@...lplan.org, joseph.qi@...ux.alibaba.com,
        dmitry.kasatkin@...il.com, paul@...l-moore.com, jmorris@...ei.org,
        serge@...lyn.com, stephen.smalley.work@...il.com,
        eparis@...isplace.org, casey@...aufler-ca.com
Cc:     ocfs2-devel@....oracle.com, reiserfs-devel@...r.kernel.org,
        linux-integrity@...r.kernel.org,
        linux-security-module@...r.kernel.org, selinux@...r.kernel.org,
        linux-kernel@...r.kernel.org, keescook@...omium.org,
        nicolas.bouchinet@...p-os.org,
        Roberto Sassu <roberto.sassu@...wei.com>
Subject: Re: [PATCH v5 0/6] evm: Prepare for moving to the LSM infrastructure

Hi Roberto,

On Wed, 2022-11-23 at 10:51 +0100, Roberto Sassu wrote:
> From: Roberto Sassu <roberto.sassu@...wei.com>
> 
> One of the challenges that must be tackled to move IMA and EVM to the LSM
> infrastructure is to ensure that EVM is capable to correctly handle
> multiple stacked LSMs providing an xattr at file creation. At the moment,
> there are few issues that would prevent a correct integration. This patch
> set aims at solving them.

Let's take a step back and understand the purpose of this patch set. 
Regardless of whether IMA and EVM are moved to the "LSM
infrastructure", EVM needs to support per LSM xattrs.  A side affect is
the removal of the security_old_inode_init_security hook.  This patch
set cover letter and patch descriptions should be limited to EVM
support for per LSM (multiple) xattrs.  The motivation, concerns, and
problems of making IMA and EVM LSMs will be documented in the patch set
that actual makes them LSMs.  Please remove all references to "move IMA
and EVM to the LSM infrastructure".

When EVM was upstreamed, there were filesystem limitations on the
number and size of the extended attributes.  In addition there were
performance concerns, which resulted in staging the LSM, IMA and EVM
xattrs, before calling initxattrs to write them at the same time.  With
this patch set, not only are per LSM xattrs supported, but multiple per
LSM xattrs are supported as well.  Have the size limitation concerns
been addressed by the different filesystems?   If not, then at minimum
this patch set needs to at least mention it and the possible
ramifications.

-- 
thanks,

Mimi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ