linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Casey Schaufler <casey@schaufler-ca.com>
To: "Serge E. Hallyn" <serge@hallyn.com>, "Mickaël Salaün" <mic@digikod.net>
Cc: "James Morris" <jmorris@namei.org>,
	"Jann Horn" <jannh@google.com>,
	"Al Viro" <viro@zeniv.linux.org.uk>,
	"Andrew Morton" <akpm@linux-foundation.org>,
	"Andy Lutomirski" <luto@amacapital.net>,
	"Anton Ivanov" <anton.ivanov@cambridgegreys.com>,
	"Arnd Bergmann" <arnd@arndb.de>, "Jeff Dike" <jdike@addtoit.com>,
	"Jonathan Corbet" <corbet@lwn.net>,
	"Kees Cook" <keescook@chromium.org>,
	"Michael Kerrisk" <mtk.manpages@gmail.com>,
	"Richard Weinberger" <richard@nod.at>,
	"Shuah Khan" <shuah@kernel.org>,
	"Vincent Dagonneau" <vincent.dagonneau@ssi.gouv.fr>,
	kernel-hardening@lists.openwall.com, linux-api@vger.kernel.org,
	linux-arch@vger.kernel.org, linux-doc@vger.kernel.org,
	linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
	linux-kselftest@vger.kernel.org,
	linux-security-module@vger.kernel.org, x86@kernel.org,
	"John Johansen" <john.johansen@canonical.com>,
	"Mickaël Salaün" <mic@linux.microsoft.com>,
	"Stephen Smalley" <stephen.smalley.work@gmail.com>,
	"Casey Schaufler" <casey@schaufler-ca.com>
Subject: Re: [PATCH v28 05/12] LSM: Infrastructure management of the superblock
Date: Fri, 5 Feb 2021 08:51:35 -0800	[thread overview]
Message-ID: <cb3f290b-e4e6-44b9-9c0d-4f892cc90767@schaufler-ca.com> (raw)
In-Reply-To: <20210205141749.GB17981@mail.hallyn.com>

On 2/5/2021 6:17 AM, Serge E. Hallyn wrote:
> On Tue, Feb 02, 2021 at 05:27:03PM +0100, Mickaël Salaün wrote:
>> From: Casey Schaufler <casey@schaufler-ca.com>
>>
>> Move management of the superblock->sb_security blob out of the
>> individual security modules and into the security infrastructure.
>> Instead of allocating the blobs from within the modules, the modules
>> tell the infrastructure how much space is required, and the space is
>> allocated there.
>>
>> Cc: Kees Cook <keescook@chromium.org>
>> Cc: John Johansen <john.johansen@canonical.com>
>> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
>> Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com>
>> Reviewed-by: Stephen Smalley <stephen.smalley.work@gmail.com>
> Acked-by: Serge Hallyn <serge@hallyn.com>
>
> I wonder how many out of tree modules this will impact :)

There are several blobs that have already been converted
to infrastructure management. Not a peep from out-of-tree
module developers/maintainers. I can only speculate that
OOT modules are either less common than we may think, using
alternative data management models (as does eBPF) or
sticking with very old kernels. It's also possible that
they're suffering in silence, which would be sad because
every module that's worth having should be in the tree.

> Actually
> if some new incoming module does an rcu callback to free the
> sb_security, then the security_sb_free will need an update, but
> that seems unlikely.

We're already doing that for the inode blob, so it's
really just a small matter of cut-n-paste and s/inode/sb/
to make that happen.



  reply	other threads:[~2021-02-05 17:23 UTC|newest]

Thread overview: 28+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-02-02 16:26 [PATCH v28 00/12] Landlock LSM Mickaël Salaün
2021-02-02 16:26 ` [PATCH v28 01/12] landlock: Add object management Mickaël Salaün
2021-02-03 14:21   ` Serge E. Hallyn
2021-02-03 15:27     ` Mickaël Salaün
2021-02-02 16:27 ` [PATCH v28 02/12] landlock: Add ruleset and domain management Mickaël Salaün
2021-02-04  3:30   ` Serge E. Hallyn
2021-02-02 16:27 ` [PATCH v28 03/12] landlock: Set up the security framework and manage credentials Mickaël Salaün
2021-02-04  3:46   ` Serge E. Hallyn
2021-02-02 16:27 ` [PATCH v28 04/12] landlock: Add ptrace restrictions Mickaël Salaün
2021-02-05 13:48   ` Serge E. Hallyn
2021-02-02 16:27 ` [PATCH v28 05/12] LSM: Infrastructure management of the superblock Mickaël Salaün
2021-02-05 14:17   ` Serge E. Hallyn
2021-02-05 16:51     ` Casey Schaufler [this message]
2021-02-05 16:51     ` Casey Schaufler
2021-02-02 16:27 ` [PATCH v28 06/12] fs,security: Add sb_delete hook Mickaël Salaün
2021-02-05 14:21   ` Serge E. Hallyn
2021-02-05 14:57     ` Mickaël Salaün
2021-02-07  4:18       ` Serge E. Hallyn
2021-02-02 16:27 ` [PATCH v28 07/12] landlock: Support filesystem access-control Mickaël Salaün
2021-02-10 19:36   ` Serge E. Hallyn
2021-02-10 20:17     ` Mickaël Salaün
2021-02-19 15:34       ` Serge E. Hallyn
2021-02-02 16:27 ` [PATCH v28 08/12] landlock: Add syscall implementations Mickaël Salaün
2021-02-03 15:04   ` Serge E. Hallyn
2021-02-02 16:27 ` [PATCH v28 09/12] arch: Wire up Landlock syscalls Mickaël Salaün
2021-02-02 16:27 ` [PATCH v28 10/12] selftests/landlock: Add user space tests Mickaël Salaün
2021-02-02 16:27 ` [PATCH v28 11/12] samples/landlock: Add a sandbox manager example Mickaël Salaün
2021-02-02 16:27 ` [PATCH v28 12/12] landlock: Add user and kernel documentation Mickaël Salaün

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cb3f290b-e4e6-44b9-9c0d-4f892cc90767@schaufler-ca.com \
    --to=casey@schaufler-ca.com \
    --cc=akpm@linux-foundation.org \
    --cc=anton.ivanov@cambridgegreys.com \
    --cc=arnd@arndb.de \
    --cc=corbet@lwn.net \
    --cc=jannh@google.com \
    --cc=jdike@addtoit.com \
    --cc=jmorris@namei.org \
    --cc=john.johansen@canonical.com \
    --cc=keescook@chromium.org \
    --cc=kernel-hardening@lists.openwall.com \
    --cc=linux-api@vger.kernel.org \
    --cc=linux-arch@vger.kernel.org \
    --cc=linux-doc@vger.kernel.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-kselftest@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=luto@amacapital.net \
    --cc=mic@digikod.net \
    --cc=mic@linux.microsoft.com \
    --cc=mtk.manpages@gmail.com \
    --cc=richard@nod.at \
    --cc=serge@hallyn.com \
    --cc=shuah@kernel.org \
    --cc=stephen.smalley.work@gmail.com \
    --cc=vincent.dagonneau@ssi.gouv.fr \
    --cc=viro@zeniv.linux.org.uk \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).