From: Kees Cook <keescook@chromium.org>
To: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
Cc: Casey Schaufler <casey@schaufler-ca.com>,
	Stephen Smalley <sds@tycho.nsa.gov>,
	James Morris <jmorris@namei.org>,
	linux-security-module <linux-security-module@vger.kernel.org>,
	"kernel-hardening@lists.openwall.com"
	<kernel-hardening@lists.openwall.com>,
	Paul Moore <paul@paul-moore.com>
Subject: Re: [kernel-hardening] Re: [RFC PATCH 2/4] security: mark nf ops in SELinux and Smack as __ro_after_init
Date: Mon, 13 Feb 2017 14:09:03 -0800
Message-ID: <CAGXu5jK-D6VzcxQ+Jxo0=uQnu3rhkO6mqCpozwqxnELjuhn82g@mail.gmail.com>
In-Reply-To: <201702140705.FIJ18206.FOtJOHFFLMSVQO@I-love.SAKURA.ne.jp>

On Mon, Feb 13, 2017 at 2:05 PM, Tetsuo Handa
<penguin-kernel@i-love.sakura.ne.jp> wrote:
> Kees Cook wrote:
>> On Mon, Feb 13, 2017 at 1:32 PM, Casey Schaufler <casey@schaufler-ca.com> wrote:
>> > If we changed CONFIG_SECURITY_SELINUX_DISABLE to
>> > CONFIG_SECURITY_DYNAMIC_MODULES and put the __ro_after_init
>> > under !CONFIG_SECURITY_DYNAMIC_MODULES we solve both the
>> > current and potential future issues.
>>
>> Something like...
>>
>> #ifdef CONFIG_SECURITY_DYNAMIC_LSM
>> # define lsm_ro_after_init __ro_after_init
>> # define lsm_const         const
>> #else
>> # define lsm_ro_after_init
>> # define lsm_const
>> #endif
>>
>> ?
>
> Fedora/RHEL won't use CONFIG_SECURITY_DYNAMIC_LSM=y whereas
> LKM based LSMs are targeted for such distributions.
>
> I don't worry much about Android, for manufacturers who ship their
> products with TOMOYO enabled can rebuild their kernels. But asking
> end users to rebuild Fedora/RHEL kernels is too painful.

I thought the argument was that Fedora WOULD ship that way, since it
needs to have the run-time selinux disabling feature?

-Kees

-- 
Kees Cook
Pixel Security
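The following is an added example, not code from this thread or from the kernel. It models in userspace why the run-time SELinux disable that Kees refers to conflicts with marking the netfilter ops __ro_after_init: a hook table is placed in its own page and sealed with mprotect() in place of the kernel's __ro_after_init, then a disable path tries to clear the hook pointers the way a run-time disable would. CONFIG_SECURITY_DYNAMIC_LSM is the config symbol from the discussion; LSM_SEAL_AFTER_INIT, struct hook_ops, lsm_init(), lsm_disable() and run_scenario() are constructed here for illustration and follow Casey's suggestion that the table stays writable only when dynamic LSMs are configured.

```c
/*
 * Userspace model of the __ro_after_init vs. run-time LSM disable conflict.
 * Added example, not kernel code: the hook table, the "init" and "disable"
 * steps and the mprotect()-based sealing are all constructed for illustration.
 */
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Stand-in for a netfilter hook ops entry (layout is illustrative only). */
struct hook_ops {
    int (*hook)(void);
    int hooknum;
    int priority;
};

static int demo_hook(void) { return 0; }

/* Hypothetical policy derived from the config symbol discussed in the thread:
 * with dynamic LSMs the table must stay writable so a run-time disable can
 * clear it; without them it can be sealed once init is done. */
#ifdef CONFIG_SECURITY_DYNAMIC_LSM
# define LSM_SEAL_AFTER_INIT 0
#else
# define LSM_SEAL_AFTER_INIT 1
#endif

static struct hook_ops *table;   /* page-backed so it can be mprotect()ed */
static size_t table_len;
static sigjmp_buf fault_env;

static void on_segv(int sig)
{
    (void)sig;
    siglongjmp(fault_env, 1);
}

/* "init": allocate the table, fill it, then seal it if asked to. */
static int lsm_init(int seal)
{
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);

    table = mmap(NULL, pg, PROT_READ | PROT_WRITE,
                 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (table == MAP_FAILED)
        return -1;
    table_len = 2;
    table[0] = (struct hook_ops){ demo_hook, 1, -100 };
    table[1] = (struct hook_ops){ demo_hook, 4, -100 };
    /* Emulates __ro_after_init: from here on the page is read-only. */
    if (seal && mprotect(table, pg, PROT_READ) != 0)
        return -1;
    return 0;
}

/* "disable": clear the hook pointers as a run-time disable would.
 * Returns 0 if the writes succeeded, 1 if they faulted on a sealed table. */
static int lsm_disable(void)
{
    struct sigaction sa, old;
    int faulted = 0;

    memset(&sa, 0, sizeof(sa));
    sa.sa_handler = on_segv;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old);

    if (sigsetjmp(fault_env, 1) == 0) {
        for (size_t i = 0; i < table_len; i++)
            table[i].hook = NULL;
    } else {
        faulted = 1;
    }
    sigaction(SIGSEGV, &old, NULL);
    return faulted;
}

static void lsm_teardown(void)
{
    if (table && table != MAP_FAILED)
        munmap(table, (size_t)sysconf(_SC_PAGESIZE));
    table = NULL;
}

/* Run init then disable under a sealing policy; returns lsm_disable()'s result
 * (0: disable worked, 1: disable faulted, -1: setup failed). */
static int run_scenario(int seal)
{
    int r;

    if (lsm_init(seal) != 0)
        return -1;
    r = lsm_disable();
    lsm_teardown();
    return r;
}

int main(void)
{
    printf("writable table, run-time disable: %s\n",
           run_scenario(0) == 0 ? "ok" : "fault");
    printf("sealed table,   run-time disable: %s\n",
           run_scenario(1) == 1 ? "fault" : "ok");
    printf("policy under this config (LSM_SEAL_AFTER_INIT): %d -> %s\n",
           LSM_SEAL_AFTER_INIT,
           run_scenario(LSM_SEAL_AFTER_INIT) == 0 ? "disable works" : "disable faults");
    return 0;
}
```

Compiling with -DCONFIG_SECURITY_DYNAMIC_LSM keeps the table writable and the disable path succeeds; without it the same disable faults, which is the kernel-side trade-off the thread is weighing for distributions that rely on disabling SELinux at run time.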

Thread overview: 13+ messages
2017-02-13  5:33 [kernel-hardening] [RFC PATCH 2/4] security: mark nf ops in SELinux and Smack as __ro_after_init James Morris
2017-02-13 11:29 ` [kernel-hardening] " Tetsuo Handa
2017-02-13 17:29   ` Kees Cook
2017-02-13 21:03     ` Stephen Smalley
2017-02-13 21:32       ` Casey Schaufler
2017-02-13 21:49         ` Kees Cook
2017-02-13 22:01           ` Casey Schaufler
2017-02-13 22:05           ` [kernel-hardening] Re: [RFC PATCH 2/4] security: mark nf ops in SELinux " Tetsuo Handa
2017-02-13 22:09             ` Kees Cook [this message]
2017-02-13 22:15               ` [kernel-hardening] Re: [RFC PATCH 2/4] security: mark nf ops in SELinux " Tetsuo Handa
2017-02-13 22:26         ` James Morris
2017-02-14  1:58           ` Casey Schaufler
2017-02-14  2:46             ` James Morris