[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <cc11e15bdbfbb36415b36a796387e130b764fd6a.camel@linux.ibm.com>
Date: Tue, 07 May 2024 16:27:33 -0400
From: Mimi Zohar <zohar@...ux.ibm.com>
To: Roberto Sassu <roberto.sassu@...weicloud.com>, dmitry.kasatkin@...il.com,
eric.snowberg@...cle.com, paul@...l-moore.com, jmorris@...ei.org,
serge@...lyn.com, john.johansen@...onical.com,
stephen.smalley.work@...il.com, casey@...aufler-ca.com,
eparis@...hat.com
Cc: linux-integrity@...r.kernel.org, linux-security-module@...r.kernel.org,
linux-kernel@...r.kernel.org, guozihua@...wei.com, omosnace@...hat.com,
audit@...r.kernel.org, apparmor@...ts.ubuntu.com,
selinux@...r.kernel.org, Roberto Sassu <roberto.sassu@...wei.com>
Subject: Re: [RFC][PATCH] ima: Use sequence number to wait for policy updates
Hi Roberto,
On Tue, 2024-05-07 at 11:32 +0200, Roberto Sassu wrote:
> On Tue, 2024-05-07 at 11:28 +0200, Roberto Sassu wrote:
> > From: Roberto Sassu <roberto.sassu@...wei.com>
> >
> > Maintain a global sequence number, and set it to individual policy rules,
> > when they are created.
>
> Just did an attempt, to see if this path is viable.
>
> This patch would be an alternative to:
>
> [PATCH v3] ima: Avoid blocking in RCU read-side critical section
Stephen had said,
"Sidebar: the refactoring of the SELinux policy loading logic may have
made it possible to revisit the approaches here to permit holding a
reference to the policy from which the rule was derived so that we
don't have to return -ESTALE in this scenario."
Removing -ESTALE would be the best solution. We could then remove the -ESTALE
detection.
I assume the change would be in selinux_policy_commit(). Instead of freeing the
old policy, define and increment a per policy reference count for each
registered notifier callback.
/* Free the old policy */
synchronize_rcu();
selinux_policy_free(oldpolicy);
kfree(load_state->convert_data);
/* Notify others of the policy change */
selinux_notify_policy_change(seqno);
Mimi
Powered by blists - more mailing lists