Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <4821f909-8885-654d-701e-3044c79d055f@huawei.com>
Date: Tue, 11 Jul 2017 14:37:39 +0300
From: Igor Stoppa <igor.stoppa@...wei.com>
To: Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>, <jglisse@...hat.com>,
        <keescook@...omium.org>, <mhocko@...nel.org>, <jmorris@...ei.org>,
        <labbott@...hat.com>, <hch@...radead.org>, <casey@...aufler-ca.com>
CC: <paul@...l-moore.com>, <sds@...ho.nsa.gov>,
        <linux-security-module@...r.kernel.org>, <linux-mm@...ck.org>,
        <linux-kernel@...r.kernel.org>, <kernel-hardening@...ts.openwall.com>
Subject: Re: [PATCH v10 0/3] mm: security: ro protection for dynamic data


On 11/07/17 14:12, Tetsuo Handa wrote:
> Igor Stoppa wrote:
>> - I had to rebase Tetsuo Handa's patch because it didn't apply cleanly
>>   anymore, I would appreciate an ACK to that or a revised patch, whatever 
>>   comes easier.
> 
> Since we are getting several proposals of changing LSM hooks and both your proposal
> and Casey's "LSM: Security module blob management" proposal touch same files, I think
> we can break these changes into small pieces so that both you and Casey can make
> future versions smaller.
> 
> If nobody has objections about direction of Igor's proposal and Casey's proposal,
> I think merging only "[PATCH 2/3] LSM: Convert security_hook_heads into explicit
> array of struct list_head" from Igor's proposal and ->security accessor wrappers (e.g.

I would like to understand if there is still interest about:

* "[PATCH 1/3] Protectable memory support"  which was my main interest
* "[PATCH 3/3] Make LSM Writable Hooks a command line option"
  which was the example of how to use [1/3]

>   #define selinux_security(obj) (obj->security)
>   #define smack_security(obj) (obj->security)
>   #define tomoyo_security(obj) (obj->security)
>   #define apparmor_security(obj) (obj->security)

For example, I see that there are various kzalloc calls that might be
useful to turn into pmalloc ones.

In general, I'd think that, after a transient is complete, where modules
are loaded by allocating dynamic data structures, they could be locked
down in read-only mode.

I have the feeling that, now that I have polished up the pmalloc patch,
the proposed use case is fading away.

Can it be adjusted to the new situation or should I look elsewhere for
an example that would justify merging pmalloc?


thanks, igor

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.