Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <a2e63238-d4d9-ce38-bdea-93976e691a78@digikod.net>
Date: Thu, 7 Oct 2021 21:00:33 +0200
From: Mickaël Salaün <mic@...ikod.net>
To: Mimi Zohar <zohar@...ux.ibm.com>, Kees Cook <keescook@...omium.org>
Cc: bauen1 <j2468h@...glemail.com>, akpm@...ux-foundation.org, arnd@...db.de,
 casey@...aufler-ca.com, christian.brauner@...ntu.com, christian@...hon.org,
 corbet@....net, cyphar@...har.com, deven.desai@...ux.microsoft.com,
 dvyukov@...gle.com, ebiggers@...nel.org, ericchiang@...gle.com,
 fweimer@...hat.com, geert@...ux-m68k.org, jack@...e.cz, jannh@...gle.com,
 jmorris@...ei.org, kernel-hardening@...ts.openwall.com,
 linux-api@...r.kernel.org, linux-fsdevel@...r.kernel.org,
 linux-integrity@...r.kernel.org, linux-kernel@...r.kernel.org,
 linux-security-module@...r.kernel.org, luto@...nel.org,
 madvenka@...ux.microsoft.com, mjg59@...gle.com, mszeredi@...hat.com,
 mtk.manpages@...il.com, nramas@...ux.microsoft.com,
 philippe.trebuchet@....gouv.fr, scottsh@...rosoft.com, sgrubb@...hat.com,
 shuah@...nel.org, steve.dower@...hon.org, thibaut.sautereau@...p-os.org,
 vincent.strubel@....gouv.fr, viro@...iv.linux.org.uk, willy@...radead.org
Subject: Re: [PATCH v12 0/3] Add trusted_for(2) (was O_MAYEXEC)


On 07/10/2021 20:37, Mimi Zohar wrote:
> On Thu, 2021-10-07 at 20:29 +0200, Mickaël Salaün wrote:
>> On 07/10/2021 00:03, Kees Cook wrote:
>>> On Fri, Apr 09, 2021 at 07:15:42PM +0200, Mickaël Salaün wrote:
>>>> There was no new reviews, probably because the FS maintainers were busy,
>>>> and I was focused on Landlock (which is now in -next), but I plan to
>>>> send a new patch series for trusted_for(2) soon.
>>>
>>> Hi!
>>>
>>> Did this ever happen? It looks like it's in good shape, and I think it's
>>> a nice building block for userspace to have. Are you able to rebase and
>>> re-send this?
>>
>> I just sent it:
>> https://lore.kernel.org/all/20211007182321.872075-1-mic@digikod.net/
>>
>> Some Signed-off-by would be appreciated. :)
>>
> 
>>>From the cover letter, 
> 
> It is important to note that this can only enable to extend access
> control managed by the kernel.  Hence it enables current access control
> mechanism to be extended and become a superset of what they can
> currently control.  Indeed, the security policy could also be delegated
> to an LSM, either a MAC system or an integrity system.  For instance,
> this is required to close a major IMA measurement/appraisal interpreter
> integrity gap by bringing the ability to check the use of scripts [1].
> Other uses are expected, such as for magic-links [2], SGX integration
> [3], bpffs [4].
> 
>>>From a quick review of the code, I don't see a new security hook being
> defined to cover these use cases.

Indeed, there is no new hook because it would require to implement it
with a current LSM. This first step is a standalone implementation that
is useful as-is but open the way to add a new LSM hook in this new
syscall. That would be a second step for any LSM developer to implement
if interested.

> 
> thanks,
> 
> Mimi
> 
>>>
>>> I've tended to aim these things at akpm if Al gets busy. (And since
>>> you've had past review from Al, that should be hopefully sufficient.)
>>>
>>> Thanks for chasing this!
>>>
>>> -Kees
>>>
> 
> 

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.