Re: [PATCH 0/9] integrity: Move hooks into LSM

From: "Mickaël Salaün" <mic@digikod.net>
To: Kees Cook <keescook@chromium.org>, Mimi Zohar <zohar@linux.ibm.com>
Cc: Paul Moore <paul@paul-moore.com>, KP Singh <kpsingh@kernel.org>,
	Casey Schaufler <casey@schaufler-ca.com>,
	John Johansen <john.johansen@canonical.com>,
	James Morris <jmorris@namei.org>,
	linux-kernel@vger.kernel.org,
	linux-security-module@vger.kernel.org,
	linux-integrity@vger.kernel.org, linux-hardening@vger.kernel.org,
	Roberto Sassu <roberto.sassu@huawei.com>
Subject: Re: [PATCH 0/9] integrity: Move hooks into LSM
Date: Tue, 18 Oct 2022 17:31:59 +0200	[thread overview]
Message-ID: <0a8f21a6-02de-36f0-7613-06ed3daf934b@digikod.net> (raw)
In-Reply-To: <20221013222702.never.990-kees@kernel.org>

There is a complementary patch series that didn't received review: 
https://lore.kernel.org/all/20210427113732.471066-1-roberto.sassu@huawei.com/

On 14/10/2022 00:36, Kees Cook wrote:
> Hi,
> 
> It's been over 4 years since LSM stack was introduced. The integrity
> subsystem is long overdue for moving to this infrastructure. Here's my
> first pass at converting integrity and ima (and some of evm) into LSM
> hooks. This should be enough of an example to finish evm, and introduce
> the missing hooks for both. For example, after this, it looks like ima
> only has a couple places it's still doing things outside of the LSM. At
> least these stood out:
> 
> fs/namei.c:     ima_post_create_tmpfile(mnt_userns, inode);
> fs/namei.c:                             ima_post_path_mknod(mnt_userns, dentry);
> 
> Mimi, can you please take this series and finish the conversion for
> what's missing in ima and evm?
> 
> I would also call attention to "175 insertions(+), 240 deletions(-)" --
> as expected, this is a net reduction in code.
> 
> Thanks!
> 
> -Kees
> 
> Kees Cook (9):
>    integrity: Prepare for having "ima" and "evm" available in "integrity"
>      LSM
>    security: Move trivial IMA hooks into LSM
>    ima: Move xattr hooks into LSM
>    ima: Move ima_file_free() into LSM
>    LSM: Introduce inode_post_setattr hook
>    fs: Introduce file_to_perms() helper
>    ima: Move ima_file_check() into LSM
>    integrity: Move trivial hooks into LSM
>    integrity: Move integrity_inode_get() out of global header
> 
>   fs/attr.c                             |  3 +-
>   fs/file_table.c                       |  1 -
>   fs/namei.c                            |  2 -
>   fs/nfsd/vfs.c                         |  6 --
>   include/linux/evm.h                   |  6 --
>   include/linux/fs.h                    | 22 +++++++
>   include/linux/ima.h                   | 87 ---------------------------
>   include/linux/integrity.h             | 30 +--------
>   include/linux/lsm_hook_defs.h         |  3 +
>   security/Kconfig                      | 10 +--
>   security/apparmor/include/file.h      | 18 ++----
>   security/integrity/evm/evm_main.c     | 14 ++++-
>   security/integrity/iint.c             | 28 +++++++--
>   security/integrity/ima/ima.h          | 12 ++++
>   security/integrity/ima/ima_appraise.c | 21 +++++--
>   security/integrity/ima/ima_main.c     | 66 ++++++++++++++------
>   security/integrity/integrity.h        |  8 +++
>   security/security.c                   | 78 ++++++------------------
>   18 files changed, 175 insertions(+), 240 deletions(-)
>