From: Mimi Zohar <zohar@linux.ibm.com>
To: "Mickaël Salaün" <mic@digikod.net>, "Kees Cook" <keescook@chromium.org>
Cc: bauen1 <j2468h@googlemail.com>,
akpm@linux-foundation.org, arnd@arndb.de, casey@schaufler-ca.com,
christian.brauner@ubuntu.com, christian@python.org,
corbet@lwn.net, cyphar@cyphar.com,
deven.desai@linux.microsoft.com, dvyukov@google.com,
ebiggers@kernel.org, ericchiang@google.com, fweimer@redhat.com,
geert@linux-m68k.org, jack@suse.cz, jannh@google.com,
jmorris@namei.org, kernel-hardening@lists.openwall.com,
linux-api@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-security-module@vger.kernel.org, luto@kernel.org,
madvenka@linux.microsoft.com, mjg59@google.com,
mszeredi@redhat.com, mtk.manpages@gmail.com,
nramas@linux.microsoft.com, philippe.trebuchet@ssi.gouv.fr,
scottsh@microsoft.com, sean.j.christopherson@intel.com,
sgrubb@redhat.com, shuah@kernel.org, steve.dower@python.org,
thibaut.sautereau@clip-os.org, vincent.strubel@ssi.gouv.fr,
viro@zeniv.linux.org.uk, willy@infradead.org
Subject: Re: [PATCH v12 0/3] Add trusted_for(2) (was O_MAYEXEC)
Date: Thu, 07 Oct 2021 14:37:17 -0400 [thread overview]
Message-ID: <7ee6ba1200b854fc6012b0cec49849f7c0789f42.camel@linux.ibm.com> (raw)
In-Reply-To: <4c4bbd74-0599-fed5-0340-eff197bafeb1@digikod.net>
On Thu, 2021-10-07 at 20:29 +0200, Mickaël Salaün wrote:
> On 07/10/2021 00:03, Kees Cook wrote:
> > On Fri, Apr 09, 2021 at 07:15:42PM +0200, Mickaël Salaün wrote:
> >> There was no new reviews, probably because the FS maintainers were busy,
> >> and I was focused on Landlock (which is now in -next), but I plan to
> >> send a new patch series for trusted_for(2) soon.
> >
> > Hi!
> >
> > Did this ever happen? It looks like it's in good shape, and I think it's
> > a nice building block for userspace to have. Are you able to rebase and
> > re-send this?
>
> I just sent it:
> https://lore.kernel.org/all/20211007182321.872075-1-mic@digikod.net/
>
> Some Signed-off-by would be appreciated. :)
>
From the cover letter,
It is important to note that this can only enable to extend access
control managed by the kernel. Hence it enables current access control
mechanism to be extended and become a superset of what they can
currently control. Indeed, the security policy could also be delegated
to an LSM, either a MAC system or an integrity system. For instance,
this is required to close a major IMA measurement/appraisal interpreter
integrity gap by bringing the ability to check the use of scripts [1].
Other uses are expected, such as for magic-links [2], SGX integration
[3], bpffs [4].
From a quick review of the code, I don't see a new security hook being
defined to cover these use cases.
thanks,
Mimi
> >
> > I've tended to aim these things at akpm if Al gets busy. (And since
> > you've had past review from Al, that should be hopefully sufficient.)
> >
> > Thanks for chasing this!
> >
> > -Kees
> >
next prev parent reply other threads:[~2021-10-07 18:38 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-03 17:31 [PATCH v12 0/3] Add trusted_for(2) (was O_MAYEXEC) Mickaël Salaün
2020-12-03 17:31 ` [PATCH v12 1/3] fs: Add trusted_for(2) syscall implementation and related sysctl Mickaël Salaün
2020-12-03 17:31 ` [PATCH v12 2/3] arch: Wire up trusted_for(2) Mickaël Salaün
2020-12-03 17:31 ` [PATCH v12 3/3] selftest/interpreter: Add tests for trusted_for(2) policies Mickaël Salaün
2021-04-09 16:26 ` [PATCH v12 0/3] Add trusted_for(2) (was O_MAYEXEC) bauen1
2021-04-09 17:15 ` Mickaël Salaün
2021-10-06 22:03 ` Kees Cook
2021-10-07 18:29 ` Mickaël Salaün
2021-10-07 18:37 ` Mimi Zohar [this message]
2021-10-07 19:00 ` Mickaël Salaün
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7ee6ba1200b854fc6012b0cec49849f7c0789f42.camel@linux.ibm.com \
--to=zohar@linux.ibm.com \
--cc=akpm@linux-foundation.org \
--cc=arnd@arndb.de \
--cc=casey@schaufler-ca.com \
--cc=christian.brauner@ubuntu.com \
--cc=christian@python.org \
--cc=corbet@lwn.net \
--cc=cyphar@cyphar.com \
--cc=deven.desai@linux.microsoft.com \
--cc=dvyukov@google.com \
--cc=ebiggers@kernel.org \
--cc=ericchiang@google.com \
--cc=fweimer@redhat.com \
--cc=geert@linux-m68k.org \
--cc=j2468h@googlemail.com \
--cc=jack@suse.cz \
--cc=jannh@google.com \
--cc=jmorris@namei.org \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-api@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=luto@kernel.org \
--cc=madvenka@linux.microsoft.com \
--cc=mic@digikod.net \
--cc=mjg59@google.com \
--cc=mszeredi@redhat.com \
--cc=mtk.manpages@gmail.com \
--cc=nramas@linux.microsoft.com \
--cc=philippe.trebuchet@ssi.gouv.fr \
--cc=scottsh@microsoft.com \
--cc=sean.j.christopherson@intel.com \
--cc=sgrubb@redhat.com \
--cc=shuah@kernel.org \
--cc=steve.dower@python.org \
--cc=thibaut.sautereau@clip-os.org \
--cc=vincent.strubel@ssi.gouv.fr \
--cc=viro@zeniv.linux.org.uk \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.