Message-ID: <CAHC9VhQuRNxzgVeNhDy=p5+RHz5+bTH6zFdU=UvvEhyH1e962A@mail.gmail.com>
Date: Wed, 17 Aug 2022 17:09:07 -0400
From: Paul Moore <paul@...l-moore.com>
To: "Eric W. Biederman" <ebiederm@...ssion.com>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
Frederick Lawler <fred@...udflare.com>, kpsingh@...nel.org,
revest@...omium.org, jackmanb@...omium.org, ast@...nel.org,
daniel@...earbox.net, andrii@...nel.org, kafai@...com,
songliubraving@...com, yhs@...com, john.fastabend@...il.com,
jmorris@...ei.org, serge@...lyn.com,
stephen.smalley.work@...il.com, eparis@...isplace.org,
shuah@...nel.org, brauner@...nel.org, casey@...aufler-ca.com,
bpf@...r.kernel.org, linux-security-module@...r.kernel.org,
selinux@...r.kernel.org, linux-kselftest@...r.kernel.org,
linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
kernel-team@...udflare.com, cgzones@...glemail.com,
karl@...badwolfsecurity.com, tixxdz@...il.com
Subject: Re: [PATCH v5 0/4] Introduce security_create_user_ns()
On Wed, Aug 17, 2022 at 4:56 PM Eric W. Biederman <ebiederm@...ssion.com> wrote:
> Paul Moore <paul@...l-moore.com> writes:
> > On Wed, Aug 17, 2022 at 3:58 PM Eric W. Biederman <ebiederm@...ssion.com> wrote:
> >> Paul Moore <paul@...l-moore.com> writes:
> >>
> >> > At the end of the v4 patchset I suggested merging this into lsm/next
> >> > so it could get a full -rc cycle in linux-next, assuming no issues
> >> > were uncovered during testing.
> >>
> >> What in the world can be uncovered in linux-next for code that has no in-tree
> >> users?
> >
> > The patchset provides both BPF LSM and SELinux implementations of the
> > hooks along with a BPF LSM test under tools/testing/selftests/bpf/.
> > If no one beats me to it, I plan to work on adding a test to the
> > selinux-testsuite as soon as I'm done dealing with other urgent
> > LSM/SELinux issues (io_uring CMD passthrough, SCTP problems, etc.); I
> > run these tests multiple times a week (multiple times a day sometimes)
> > against the -rcX kernels with the lsm/next, selinux/next, and
> > audit/next branches applied on top. I know others do similar things.
>
> A layer of hooks that leaves all of the logic to userspace is not an
> in-tree user for purposes of understanding the logic of the code.
The BPF LSM selftests which are part of this patchset live in-tree.
The SELinux hook implementation is completely in-tree with the
subject/verb/object relationship clearly described by the code itself.
After all, the selinux_userns_create() function consists of only two
lines, one of which is an assignment. Yes, it is true that the
SELinux policy lives outside the kernel, but that is because there is
no singular SELinux policy for everyone. From a practical
perspective, the SELinux policy is really just a configuration file
used to set up the kernel at runtime; it is not significantly different
from an iptables script, /etc/sysctl.conf, or any of the myriad other
configuration files used to configure the kernel during boot.
--
paul-moore.com
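As an added illustration of the "policy is just configuration" point above (this is not code from the patchset or from anyone in the thread): the SELinux side of the hook reduces to one access-vector check, so what a site actually decides is expressed in policy. The example below is a minimal loadable module in raw TE syntax that grants one domain the permission the hook checks and forbids it to another. It assumes the class and permission names used by the patchset, `user_namespace` and `create`, that the class is declared in the installed base policy (otherwise the `require` block fails to link), and that a type named `unconfined_t` exists on the target system; `example_sandbox_t` is a hypothetical domain invented for the example.

```selinux
# Added example, not part of the patchset. Assumes the base policy
# declares "class user_namespace { create }" and the type unconfined_t;
# example_sandbox_t is a hypothetical domain defined here.
module userns_example 1.0;

require {
    class user_namespace create;
    type unconfined_t;
    attribute domain;
}

# Hypothetical confined domain that must not create user namespaces.
type example_sandbox_t;
typeattribute example_sandbox_t domain;

# The hook checks the creating task's own context as both subject and
# object, so the rule is written against "self".
allow unconfined_t self:user_namespace create;

# No allow rule exists for example_sandbox_t, so unshare(CLONE_NEWUSER)
# from that domain returns -EACCES and produces an AVC denial. The
# neverallow states the intent and is enforced when the module is built.
neverallow example_sandbox_t self:user_namespace create;
```

Build and load it with `checkmodule -M -m -o userns_example.mod userns_example.te`, `semodule_package -o userns_example.pp -m userns_example.mod` and `semodule -i userns_example.pp`; `sesearch -A -c user_namespace` then shows exactly which domains may create user namespaces, and a refusal appears in the audit log as `avc: denied { create } ... tclass=user_namespace`. One caveat worth checking on a mixed fleet: on a kernel that has the hook but a policy that does not declare the class, the outcome is decided by the policy's handle-unknown setting rather than by any allow rule, so `sestatus` or `cat /sys/fs/selinux/deny_unknown` should be part of the verification.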