From: Salvatore Mesoraca <s.mesoraca16@gmail.com> To: James Morris <jmorris@namei.org> Cc: casey@schaufler-ca.com, mic@digikod.net, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, selinux@tycho.nsa.gov, john.johansen@canonical.com, keescook@chromium.org, penguin-kernel@i-love.sakura.ne.jp, paul@paul-moore.com, sds@tycho.nsa.gov, linux-fsdevel@vger.kernel.org, adobriyan@gmail.com, casey.schaufler@intel.com Subject: Re: [PATCH v2 00/10] LSM: Module stacking in support of S.A.R.A and Landlock Date: Sun, 16 Sep 2018 18:54:09 +0200 [thread overview] Message-ID: <CAJHCu1+Nja-XqfFKdxu2hDcUBzgvvjcf42yeGnUuVY3wsrZfSQ@mail.gmail.com> (raw) In-Reply-To: <alpine.LRH.2.21.1809130727310.19741@namei.org> On Wed, 12 Sep 2018, James Morris <jmorris@namei.org> wrote: > Adding the SARA and LandLock authors for review & comment. > > Salvatore & Mickaël: does this patchset meet your needs for merging to > mainline? Since the last time I submitted the patch to the ML, it grew a bit: now it needs inode's blob stacking (which is already included for Landlock) and kern_ipc_perm's blob stacking. The last one isn't implemented in this patchset, but it isn't absolutely necessary. I can merge a version of SARA that doesn't need it and than update it when possible. I can provide the same level of protection without using kern_ipc_perm blob, I'm using it just to minimize some potential side effects. > > On Tue, 11 Sep 2018, Casey Schaufler wrote: > > > LSM: Module stacking in support of S.A.R.A and Landlock > > > > v2: Reduce the patchset to what is required to support > > the proposed S.A.R.A. and LandLock security modules > > > > The S.A.R.A. security module is intended to be used > > in conjunction with other security modules. It requires > > state to be maintained for the credential, which > > in turn requires a mechanism for sharing the credential > > security blob. The module also requires mechanism for > > user space manipulation of the credential information, > > hence an additional subdirectory in /proc/.../attr. > > > > The LandLock security module provides user configurable > > policy in the secmark mechanism. It requires data in > > the credential, file and inode security blobs. For this > > to be used along side the existing "major" security > > modules mechanism for sharing these blobs is provided. > > > > A side effect of providing sharing of the crendential > > security blob is that the TOMOYO module can be used at > > the same time as the other "major" modules. > > > > The mechanism for configuring which security modules are > > enabled has to change when stacking in enabled. Any > > module that uses just the security blobs that are shared > > can be selected. Additionally, one other "major" module > > can be selected. > > > > The security module stacking issues around networking and > > IPC are not addressed here as they are beyond what is > > required for TOMOYO, S.A.R.A and LandLock. > > > > git://github.com/cschaufler/lsm-stacking.git#stacking-4.19-rc2-saralock > > > > Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> > > --- > > Documentation/admin-guide/LSM/index.rst | 23 ++- > > fs/proc/base.c | 64 ++++++- > > fs/proc/internal.h | 1 + > > include/linux/lsm_hooks.h | 20 ++- > > include/linux/security.h | 15 +- > > kernel/cred.c | 13 -- > > security/Kconfig | 92 ++++++++++ > > security/apparmor/domain.c | 2 +- > > security/apparmor/include/cred.h | 24 ++- > > security/apparmor/include/file.h | 9 +- > > security/apparmor/include/lib.h | 4 + > > security/apparmor/lsm.c | 53 ++++-- > > security/apparmor/task.c | 6 +- > > security/security.c | 293 ++++++++++++++++++++++++++++++-- > > security/selinux/hooks.c | 215 ++++++++--------------- > > security/selinux/include/objsec.h | 37 +++- > > security/selinux/selinuxfs.c | 5 +- > > security/selinux/xfrm.c | 4 +- > > security/smack/smack.h | 42 ++++- > > security/smack/smack_access.c | 4 +- > > security/smack/smack_lsm.c | 283 +++++++++++------------------- > > security/smack/smackfs.c | 18 +- > > security/tomoyo/common.h | 31 +++- > > security/tomoyo/domain.c | 4 +- > > security/tomoyo/securityfs_if.c | 15 +- > > security/tomoyo/tomoyo.c | 57 +++++-- > > 26 files changed, 899 insertions(+), 435 deletions(-) > > > > -- > James Morris > <jmorris@namei.org>
WARNING: multiple messages have this Message-ID (diff)
From: s.mesoraca16@gmail.com (Salvatore Mesoraca) To: linux-security-module@vger.kernel.org Subject: [PATCH v2 00/10] LSM: Module stacking in support of S.A.R.A and Landlock Date: Sun, 16 Sep 2018 18:54:09 +0200 [thread overview] Message-ID: <CAJHCu1+Nja-XqfFKdxu2hDcUBzgvvjcf42yeGnUuVY3wsrZfSQ@mail.gmail.com> (raw) In-Reply-To: <alpine.LRH.2.21.1809130727310.19741@namei.org> On Wed, 12 Sep 2018, James Morris <jmorris@namei.org> wrote: > Adding the SARA and LandLock authors for review & comment. > > Salvatore & Micka?l: does this patchset meet your needs for merging to > mainline? Since the last time I submitted the patch to the ML, it grew a bit: now it needs inode's blob stacking (which is already included for Landlock) and kern_ipc_perm's blob stacking. The last one isn't implemented in this patchset, but it isn't absolutely necessary. I can merge a version of SARA that doesn't need it and than update it when possible. I can provide the same level of protection without using kern_ipc_perm blob, I'm using it just to minimize some potential side effects. > > On Tue, 11 Sep 2018, Casey Schaufler wrote: > > > LSM: Module stacking in support of S.A.R.A and Landlock > > > > v2: Reduce the patchset to what is required to support > > the proposed S.A.R.A. and LandLock security modules > > > > The S.A.R.A. security module is intended to be used > > in conjunction with other security modules. It requires > > state to be maintained for the credential, which > > in turn requires a mechanism for sharing the credential > > security blob. The module also requires mechanism for > > user space manipulation of the credential information, > > hence an additional subdirectory in /proc/.../attr. > > > > The LandLock security module provides user configurable > > policy in the secmark mechanism. It requires data in > > the credential, file and inode security blobs. For this > > to be used along side the existing "major" security > > modules mechanism for sharing these blobs is provided. > > > > A side effect of providing sharing of the crendential > > security blob is that the TOMOYO module can be used at > > the same time as the other "major" modules. > > > > The mechanism for configuring which security modules are > > enabled has to change when stacking in enabled. Any > > module that uses just the security blobs that are shared > > can be selected. Additionally, one other "major" module > > can be selected. > > > > The security module stacking issues around networking and > > IPC are not addressed here as they are beyond what is > > required for TOMOYO, S.A.R.A and LandLock. > > > > git://github.com/cschaufler/lsm-stacking.git#stacking-4.19-rc2-saralock > > > > Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> > > --- > > Documentation/admin-guide/LSM/index.rst | 23 ++- > > fs/proc/base.c | 64 ++++++- > > fs/proc/internal.h | 1 + > > include/linux/lsm_hooks.h | 20 ++- > > include/linux/security.h | 15 +- > > kernel/cred.c | 13 -- > > security/Kconfig | 92 ++++++++++ > > security/apparmor/domain.c | 2 +- > > security/apparmor/include/cred.h | 24 ++- > > security/apparmor/include/file.h | 9 +- > > security/apparmor/include/lib.h | 4 + > > security/apparmor/lsm.c | 53 ++++-- > > security/apparmor/task.c | 6 +- > > security/security.c | 293 ++++++++++++++++++++++++++++++-- > > security/selinux/hooks.c | 215 ++++++++--------------- > > security/selinux/include/objsec.h | 37 +++- > > security/selinux/selinuxfs.c | 5 +- > > security/selinux/xfrm.c | 4 +- > > security/smack/smack.h | 42 ++++- > > security/smack/smack_access.c | 4 +- > > security/smack/smack_lsm.c | 283 +++++++++++------------------- > > security/smack/smackfs.c | 18 +- > > security/tomoyo/common.h | 31 +++- > > security/tomoyo/domain.c | 4 +- > > security/tomoyo/securityfs_if.c | 15 +- > > security/tomoyo/tomoyo.c | 57 +++++-- > > 26 files changed, 899 insertions(+), 435 deletions(-) > > > > -- > James Morris > <jmorris@namei.org>
next prev parent reply other threads:[~2018-09-16 16:54 UTC|newest] Thread overview: 117+ messages / expand[flat|nested] mbox.gz Atom feed top 2018-09-11 16:26 [PATCH v2 00/10] LSM: Module stacking in support of S.A.R.A and Landlock Casey Schaufler 2018-09-11 16:26 ` Casey Schaufler 2018-09-11 16:41 ` [PATCH 01/10] procfs: add smack subdir to attrs Casey Schaufler 2018-09-11 16:41 ` Casey Schaufler 2018-09-11 23:45 ` Ahmed S. Darwish 2018-09-11 23:45 ` Ahmed S. Darwish 2018-09-12 0:01 ` Casey Schaufler 2018-09-12 0:01 ` Casey Schaufler 2018-09-12 22:57 ` Kees Cook 2018-09-12 22:57 ` Kees Cook 2018-09-11 16:41 ` [PATCH 02/10] Smack: Abstract use of cred security blob Casey Schaufler 2018-09-11 16:41 ` Casey Schaufler 2018-09-12 23:04 ` Kees Cook 2018-09-12 23:04 ` Kees Cook 2018-09-11 16:41 ` [PATCH 03/10] SELinux: " Casey Schaufler 2018-09-11 16:41 ` Casey Schaufler 2018-09-12 23:10 ` Kees Cook 2018-09-12 23:10 ` Kees Cook 2018-09-11 16:41 ` [PATCH 04/10] LSM: Infrastructure management of the " Casey Schaufler 2018-09-11 16:41 ` Casey Schaufler 2018-09-12 23:53 ` Kees Cook 2018-09-12 23:53 ` Kees Cook 2018-09-13 19:01 ` Casey Schaufler 2018-09-13 19:01 ` Casey Schaufler 2018-09-13 21:12 ` Kees Cook 2018-09-13 21:12 ` Kees Cook 2018-09-11 16:41 ` [PATCH 05/10] SELinux: Abstract use of file " Casey Schaufler 2018-09-11 16:41 ` Casey Schaufler 2018-09-12 23:54 ` Kees Cook 2018-09-12 23:54 ` Kees Cook 2018-09-11 16:42 ` [PATCH 06/10] LSM: Infrastructure management of the " Casey Schaufler 2018-09-11 16:42 ` Casey Schaufler 2018-09-13 0:00 ` Kees Cook 2018-09-13 0:00 ` Kees Cook 2018-09-11 16:42 ` [PATCH 07/10] SELinux: Abstract use of inode " Casey Schaufler 2018-09-11 16:42 ` Casey Schaufler 2018-09-13 0:23 ` Kees Cook 2018-09-13 0:23 ` Kees Cook 2018-09-11 16:42 ` [PATCH 08/10] Smack: " Casey Schaufler 2018-09-11 16:42 ` Casey Schaufler 2018-09-13 0:24 ` Kees Cook 2018-09-13 0:24 ` Kees Cook 2018-09-11 16:42 ` [PATCH 09/10] LSM: Infrastructure management of the inode security Casey Schaufler 2018-09-11 16:42 ` Casey Schaufler 2018-09-13 0:30 ` Kees Cook 2018-09-13 0:30 ` Kees Cook 2018-09-11 16:42 ` [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock Casey Schaufler 2018-09-11 16:42 ` Casey Schaufler 2018-09-13 4:19 ` Kees Cook 2018-09-13 4:19 ` Kees Cook 2018-09-13 13:16 ` Paul Moore 2018-09-13 13:16 ` Paul Moore 2018-09-13 15:19 ` Kees Cook 2018-09-13 15:19 ` Kees Cook 2018-09-13 19:12 ` Paul Moore 2018-09-13 19:12 ` Paul Moore 2018-09-13 20:58 ` Jordan Glover 2018-09-13 20:58 ` Jordan Glover 2018-09-13 20:58 ` Jordan Glover 2018-09-13 21:50 ` Paul Moore 2018-09-13 21:50 ` Paul Moore 2018-09-13 22:04 ` Jordan Glover 2018-09-13 22:04 ` Jordan Glover 2018-09-13 22:04 ` Jordan Glover 2018-09-13 23:01 ` Casey Schaufler 2018-09-13 23:01 ` Casey Schaufler 2018-09-13 21:01 ` Kees Cook 2018-09-13 21:01 ` Kees Cook 2018-09-13 21:38 ` Paul Moore 2018-09-13 21:38 ` Paul Moore 2018-09-13 21:51 ` Kees Cook 2018-09-13 21:51 ` Kees Cook 2018-09-13 23:06 ` Kees Cook 2018-09-13 23:06 ` Kees Cook 2018-09-13 23:32 ` John Johansen 2018-09-13 23:32 ` John Johansen 2018-09-13 23:51 ` Kees Cook 2018-09-13 23:51 ` Kees Cook 2018-09-14 0:03 ` Casey Schaufler 2018-09-14 0:03 ` Casey Schaufler 2018-09-14 0:06 ` Kees Cook 2018-09-14 0:06 ` Kees Cook 2018-09-13 23:51 ` Casey Schaufler 2018-09-13 23:51 ` Casey Schaufler 2018-09-13 23:57 ` Kees Cook 2018-09-13 23:57 ` Kees Cook 2018-09-14 0:08 ` Casey Schaufler 2018-09-14 0:08 ` Casey Schaufler 2018-09-14 0:19 ` Kees Cook 2018-09-14 0:19 ` Kees Cook 2018-09-14 15:57 ` Casey Schaufler 2018-09-14 15:57 ` Casey Schaufler 2018-09-14 20:05 ` Kees Cook 2018-09-14 20:05 ` Kees Cook 2018-09-14 20:47 ` Casey Schaufler 2018-09-14 20:47 ` Casey Schaufler 2018-09-14 18:18 ` James Morris 2018-09-14 18:18 ` James Morris 2018-09-14 18:23 ` John Johansen 2018-09-14 18:23 ` John Johansen 2018-09-14 0:03 ` Kees Cook 2018-09-14 0:03 ` Kees Cook 2018-09-14 2:42 ` Paul Moore 2018-09-14 2:42 ` Paul Moore 2018-09-11 20:43 ` [PATCH v2 00/10] LSM: Module stacking in support of S.A.R.A and Landlock James Morris 2018-09-11 20:43 ` James Morris 2018-09-12 21:29 ` James Morris 2018-09-12 21:29 ` James Morris 2018-09-16 16:54 ` Salvatore Mesoraca [this message] 2018-09-16 16:54 ` Salvatore Mesoraca 2018-09-16 17:25 ` Casey Schaufler 2018-09-16 17:25 ` Casey Schaufler 2018-09-16 17:45 ` Salvatore Mesoraca 2018-09-16 17:45 ` Salvatore Mesoraca 2018-09-18 7:44 ` Mickaël Salaün 2018-09-18 15:23 ` Casey Schaufler 2018-09-18 15:23 ` Casey Schaufler
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=CAJHCu1+Nja-XqfFKdxu2hDcUBzgvvjcf42yeGnUuVY3wsrZfSQ@mail.gmail.com \ --to=s.mesoraca16@gmail.com \ --cc=adobriyan@gmail.com \ --cc=casey.schaufler@intel.com \ --cc=casey@schaufler-ca.com \ --cc=jmorris@namei.org \ --cc=john.johansen@canonical.com \ --cc=keescook@chromium.org \ --cc=linux-fsdevel@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-security-module@vger.kernel.org \ --cc=mic@digikod.net \ --cc=paul@paul-moore.com \ --cc=penguin-kernel@i-love.sakura.ne.jp \ --cc=sds@tycho.nsa.gov \ --cc=selinux@tycho.nsa.gov \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.