| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20241113.oQue0Ohj3aef@digikod.net>
Date: Wed, 13 Nov 2024 16:18:31 +0100
From: Mickaël Salaün <mic@...ikod.net>
To: Francis Laniel <flaniel@...ux.microsoft.com>
Cc: Eric Paris <eparis@...hat.com>, Paul Moore <paul@...l-moore.com>,
Günther Noack <gnoack@...gle.com>, "Serge E . Hallyn" <serge@...lyn.com>,
Ben Scarlato <akhna@...gle.com>, Casey Schaufler <casey@...aufler-ca.com>,
Charles Zaffery <czaffery@...lox.com>, James Morris <jmorris@...ei.org>, Jann Horn <jannh@...gle.com>,
Jeff Xu <jeffxu@...gle.com>, Jorge Lucangeli Obes <jorgelo@...gle.com>,
Kees Cook <kees@...nel.org>, Konstantin Meskhidze <konstantin.meskhidze@...wei.com>,
Matt Bobrowski <mattbobrowski@...gle.com>, Mikhail Ivanov <ivanov.mikhail1@...wei-partners.com>,
Praveen K Paladugu <prapal@...ux.microsoft.com>, Robert Salvet <robert.salvet@...lox.com>,
Shervin Oloumi <enlightened@...gle.com>, Song Liu <song@...nel.org>,
Tahera Fahimi <fahimitahera@...il.com>, audit@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org
Subject: Re: [RFC PATCH v2 04/14] landlock: Add unique ID generator
On Fri, Oct 25, 2024 at 05:18:06PM +0200, Francis Laniel wrote:
> Hi!
>
> Le mardi 22 octobre 2024, 18:09:59 CEST Mickaël Salaün a écrit :
> > Landlock IDs can be generated to uniquely identify Landlock objects.
> > For now, only Landlock domains get an ID at creation time.
> >
> > These IDs have important properties:
> > * They are unique during the lifetime of the running system thanks to
> > the 64-bit values: at worse, 2^60 - 2*2^32 useful IDs.
> > * They are always greater than 2^32 and must then be stored in 64-bit
> > integer types.
> > * The initial ID (at boot time) is randomly picked between 2^32 and
> > 2^33, which limits collisions in logs between different boots.
> > * IDs are sequential, which enables users to order them.
> > * IDs may not be consecutive but increase with a random 2^4 step, which
> > limits side channels.
> >
> > Such IDs can be exposed to unprivileged processes, even if it is not the
> > case with this audit patch series. The domain IDs will be useful for
> > user space to identify sandboxes and get their properties.
> >
> > Cc: Günther Noack <gnoack@...gle.com>
> > Cc: Paul Moore <paul@...l-moore.com>
> > Signed-off-by: Mickaël Salaün <mic@...ikod.net>
> > Link: https://lore.kernel.org/r/20241022161009.982584-5-mic@digikod.net
> > ---
> > diff --git a/security/landlock/id.h b/security/landlock/id.h
> > new file mode 100644
> > index 000000000000..689ba7607472
> > --- /dev/null
> > +++ b/security/landlock/id.h
> > @@ -0,0 +1,25 @@
> > +/* SPDX-License-Identifier: GPL-2.0-only */
> > +/*
> > + * Landlock LSM - Unique identification number generator
> > + *
> > + * Copyright © 2024 Microsoft Corporation
> > + */
> > +
> > +#ifndef _SECURITY_LANDLOCK_ID_H
> > +#define _SECURITY_LANDLOCK_ID_H
> > +
> > +#ifdef CONFIG_AUDIT
> > +
> > +void __init landlock_init_id(void);
> > +
> > +u64 landlock_get_id(size_t number_of_ids);
> > +
> > +#else /* CONFIG_AUDIT */
> > +
> > +static inline void __init landlock_init_id(void)
> > +{
> > +}
>
> Should the function have the same signature than when CONFIG_AUDIT is set?
The API is the same, only the static inline changes, which is what we
need to do in a header file.
Powered by blists - more mailing lists