lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAHC9VhRaXgLKo6NbEVBiZOA1NowbwdoYNkFEpZ65VJ6h0TSdFw@mail.gmail.com>
Date: Mon, 27 Jan 2025 16:23:04 -0500
From: Paul Moore <paul@...l-moore.com>
To: Casey Schaufler <casey@...aufler-ca.com>
Cc: Hamza Mahfooz <hamzamahfooz@...ux.microsoft.com>, linux-kernel@...r.kernel.org, 
	James Morris <jmorris@...ei.org>, "Serge E. Hallyn" <serge@...lyn.com>, Jens Axboe <axboe@...nel.dk>, 
	Pavel Begunkov <asml.silence@...il.com>, Stephen Smalley <stephen.smalley.work@...il.com>, 
	Ondrej Mosnacek <omosnace@...hat.com>, Bram Bonné <brambonne@...gle.com>, 
	Thiébaud Weksteen <tweek@...gle.com>, 
	Christian Göttsche <cgzones@...glemail.com>, 
	Masahiro Yamada <masahiroy@...nel.org>, linux-security-module@...r.kernel.org, 
	io-uring@...r.kernel.org, selinux@...r.kernel.org
Subject: Re: [PATCH v3 2/2] lsm,io_uring: add LSM hooks for io_uring_setup()

On Mon, Jan 27, 2025 at 12:18 PM Casey Schaufler <casey@...aufler-ca.com> wrote:
> On 1/27/2025 7:57 AM, Hamza Mahfooz wrote:
> > It is desirable to allow LSM to configure accessibility to io_uring
> > because it is a coarse yet very simple way to restrict access to it. So,
> > add an LSM for io_uring_allowed() to guard access to io_uring.
>
> I don't like this at all at all. It looks like you're putting in a hook
> so that io_uring can easily deflect any responsibility for safely
> interacting with LSMs.

That's not how this works Casey, unless you're seeing something different?

This is an additional access control point for io_uring, largely to
simplify what a LSM would need to do to help control a process' access
to io_uring, it does not replace any of the io_uring LSM hooks or
access control points.

-- 
paul-moore.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ