From: David Howells <dhowells@redhat.com>
To: Casey Schaufler <casey@schaufler-ca.com>
Cc: dhowells@redhat.com, ard.biesheuvel@linaro.org,
matthew.garrett@nebula.com,
linux-security-module@vger.kernel.org, linux-efi@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 3/5] Add the ability to lock down access to the running kernel image
Date: Thu, 25 May 2017 07:53:22 +0100 [thread overview]
Message-ID: <19783.1495695202@warthog.procyon.org.uk> (raw)
In-Reply-To: <80bdc6c9-004b-800f-ffd0-4b5ebf8cdeba@schaufler-ca.com>
Casey Schaufler <casey@schaufler-ca.com> wrote:
> > +#ifdef CONFIG_LOCK_DOWN_KERNEL
> > +extern bool kernel_is_locked_down(void);
> > +#else
> > +static inline bool kernel_is_locked_down(void)
>
> Should this be a bool or an int? I can imagine that someone is going to want
> various different degrees of lock down for kernels. As an int you could
> return a bitmap indicating which features were locked. This would allow
> additional things to be locked down without changing the interface.
At the moment it makes no difference, since the return value is only ever
passed directly to an if-statement.
Also, do you have an idea as to how is should be divided up?
There aren't so many cases, at least not yet, that they can't be fixed up,
perhaps with a coccinelle script.
David
WARNING: multiple messages have this Message-ID (diff)
From: David Howells <dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
To: Casey Schaufler <casey-iSGtlc1asvQWG2LlvL+J4A@public.gmane.org>
Cc: dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org,
matthew.garrett-05XSO3Yj/JvQT0dZR+AlfA@public.gmane.org,
linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Subject: Re: [PATCH 3/5] Add the ability to lock down access to the running kernel image
Date: Thu, 25 May 2017 07:53:22 +0100 [thread overview]
Message-ID: <19783.1495695202@warthog.procyon.org.uk> (raw)
In-Reply-To: <80bdc6c9-004b-800f-ffd0-4b5ebf8cdeba-iSGtlc1asvQWG2LlvL+J4A@public.gmane.org>
Casey Schaufler <casey-iSGtlc1asvQWG2LlvL+J4A@public.gmane.org> wrote:
> > +#ifdef CONFIG_LOCK_DOWN_KERNEL
> > +extern bool kernel_is_locked_down(void);
> > +#else
> > +static inline bool kernel_is_locked_down(void)
>
> Should this be a bool or an int? I can imagine that someone is going to want
> various different degrees of lock down for kernels. As an int you could
> return a bitmap indicating which features were locked. This would allow
> additional things to be locked down without changing the interface.
At the moment it makes no difference, since the return value is only ever
passed directly to an if-statement.
Also, do you have an idea as to how is should be divided up?
There aren't so many cases, at least not yet, that they can't be fixed up,
perhaps with a coccinelle script.
David
WARNING: multiple messages have this Message-ID (diff)
From: dhowells@redhat.com (David Howells)
To: linux-security-module@vger.kernel.org
Subject: [PATCH 3/5] Add the ability to lock down access to the running kernel image
Date: Thu, 25 May 2017 07:53:22 +0100 [thread overview]
Message-ID: <19783.1495695202@warthog.procyon.org.uk> (raw)
In-Reply-To: <80bdc6c9-004b-800f-ffd0-4b5ebf8cdeba@schaufler-ca.com>
Casey Schaufler <casey@schaufler-ca.com> wrote:
> > +#ifdef CONFIG_LOCK_DOWN_KERNEL
> > +extern bool kernel_is_locked_down(void);
> > +#else
> > +static inline bool kernel_is_locked_down(void)
>
> Should this be a bool or an int? I can imagine that someone is going to want
> various different degrees of lock down for kernels. As an int you could
> return a bitmap indicating which features were locked. This would allow
> additional things to be locked down without changing the interface.
At the moment it makes no difference, since the return value is only ever
passed directly to an if-statement.
Also, do you have an idea as to how is should be divided up?
There aren't so many cases, at least not yet, that they can't be fixed up,
perhaps with a coccinelle script.
David
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2017-05-25 6:53 UTC|newest]
Thread overview: 67+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-24 14:45 [PATCH 0/5] security, efi: Set lockdown if in secure boot mode David Howells
2017-05-24 14:45 ` David Howells
2017-05-24 14:45 ` David Howells
2017-05-24 14:45 ` [PATCH 1/5] efi: Move the x86 secure boot switch to generic code David Howells
2017-05-24 14:45 ` David Howells
2017-05-26 7:59 ` joeyli
2017-05-26 7:59 ` joeyli
2017-05-24 14:45 ` [PATCH 2/5] efi: Add EFI_SECURE_BOOT bit David Howells
2017-05-24 14:45 ` David Howells
2017-05-24 14:45 ` David Howells
2017-05-26 8:06 ` joeyli
2017-05-26 8:06 ` joeyli
2017-05-24 14:45 ` [PATCH 3/5] Add the ability to lock down access to the running kernel image David Howells
2017-05-24 14:45 ` David Howells
2017-05-24 15:36 ` Casey Schaufler
2017-05-24 15:36 ` Casey Schaufler
2017-05-24 15:36 ` Casey Schaufler
2017-05-25 6:53 ` David Howells [this message]
2017-05-25 6:53 ` David Howells
2017-05-25 6:53 ` David Howells
2017-05-25 18:18 ` Casey Schaufler
2017-05-25 18:18 ` Casey Schaufler
2017-05-25 18:18 ` Casey Schaufler
2017-05-26 12:43 ` David Howells
2017-05-26 12:43 ` David Howells
2017-05-26 12:43 ` David Howells
2017-05-26 17:08 ` joeyli
2017-05-26 17:08 ` joeyli
2017-05-26 8:16 ` joeyli
2017-05-26 8:16 ` joeyli
2017-05-26 8:16 ` joeyli
2017-05-24 14:45 ` [PATCH 4/5] efi: Lock down the kernel if booted in secure boot mode David Howells
2017-05-24 14:45 ` David Howells
2017-05-26 8:29 ` joeyli
2017-05-26 8:29 ` joeyli
2017-05-24 14:46 ` [PATCH 5/5] Add a sysrq option to exit " David Howells
2017-05-24 14:46 ` David Howells
2017-05-27 4:06 ` joeyli
2017-05-27 4:06 ` joeyli
2017-05-30 10:49 ` James Morris
2017-05-30 10:49 ` James Morris
2017-05-30 10:49 ` James Morris
2017-05-30 18:57 ` [PATCH 0/5] security, efi: Set lockdown if in " Ard Biesheuvel
2017-05-30 18:57 ` Ard Biesheuvel
2017-05-31 9:23 ` David Howells
2017-05-31 9:23 ` David Howells
2017-05-31 9:23 ` David Howells
2017-05-31 11:39 ` Ard Biesheuvel
2017-05-31 11:39 ` Ard Biesheuvel
2017-05-31 11:39 ` Ard Biesheuvel
2017-05-31 13:33 ` David Howells
2017-05-31 13:33 ` David Howells
2017-05-31 14:06 ` Ard Biesheuvel
2017-05-31 14:06 ` Ard Biesheuvel
2017-06-06 9:34 ` David Howells
2017-06-06 9:34 ` David Howells
2017-06-06 9:34 ` David Howells
2017-06-09 17:33 ` Ard Biesheuvel
2017-06-09 17:33 ` Ard Biesheuvel
2017-06-09 17:33 ` Ard Biesheuvel
2017-06-09 19:22 ` Kees Cook
2017-06-09 19:22 ` Kees Cook
-- strict thread matches above, loose matches on Subject: below --
2017-04-06 12:49 [PATCH 1/5] efi: Move the x86 secure boot switch to generic code David Howells
2017-04-06 12:50 ` [PATCH 3/5] Add the ability to lock down access to the running kernel image David Howells
2017-04-06 12:50 ` David Howells
2017-04-06 22:45 ` James Morris
2017-04-06 22:45 ` James Morris
2017-04-06 22:45 ` James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=19783.1495695202@warthog.procyon.org.uk \
--to=dhowells@redhat.com \
--cc=ard.biesheuvel@linaro.org \
--cc=casey@schaufler-ca.com \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=matthew.garrett@nebula.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.