From: Mimi Zohar <zohar@linux.ibm.com>
To: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>,
linux-integrity@vger.kernel.org, sashal@kernel.org,
jamorris@linux.microsoft.com, kgoldman@us.ibm.com,
mjg59@google.com, dhowells@redhat.com
Cc: balajib@linux.microsoft.com, prsriva@linux.microsoft.com,
jorhand@linux.microsoft.com, patatash@linux.microsoft.com
Subject: Re: [PATCH v0 1/1] KEYS: LSM Hook for key_create_or_update
Date: Tue, 15 Oct 2019 20:30:32 -0400 [thread overview]
Message-ID: <1571185832.5250.153.camel@linux.ibm.com> (raw)
In-Reply-To: <20191015231750.25992-2-nramas@linux.microsoft.com>
On Tue, 2019-10-15 at 16:17 -0700, Lakshmi Ramasubramanian wrote:
> Add a LSM Hook for key_create_or_update function. The motive behind
> this change is enable subsystems to receive notification when
> a new key is created or updated.
As per Documentation/process/submitting-patches.rst section "2)
Describe your changes", please begin the patch description by
describing the problem.
>
> IMA will be one of the subsystems that will use this hook to measure
> the newly created key.
>
> This change set includes helper functions to check if the keyring
> (to which a new key is being added, for example) is one of
> the trusted keys keyring (builtin, secondary, or platform).
>
> The change set also includes an IMA function that will be called
> from the LSM hook to notify of the newly created key and the keyring
> to which the key is being added to.
>
> Signed-off-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
This patch should be broken up even further.[1] In this case to
simplify review, separate defining the new LSM hook from any IMA code.
Different maintainers need to Ack/sign off on these patches.
The new LSM hook patch, with a clear well written patch description,
should be posted on the LSM mailing list as well.
[1] Refer to Documentation/process/submitting-patches.rst section 3)
"Separate your changes".
> ---
> certs/system_keyring.c | 23 +++++++++++++++++++++++
> include/keys/system_keyring.h | 4 ++++
> include/linux/ima.h | 8 ++++++++
> include/linux/lsm_hooks.h | 14 ++++++++++++++
> include/linux/security.h | 10 ++++++++++
> security/integrity/ima/ima.h | 1 +
> security/integrity/ima/ima_main.c | 19 +++++++++++++++++++
> security/keys/key.c | 8 ++++++++
> security/security.c | 11 +++++++++++
> 9 files changed, 98 insertions(+)
>
> diff --git a/certs/system_keyring.c b/certs/system_keyring.c
> index 1eba08a1af82..a89d23fb5d9d 100644
> --- a/certs/system_keyring.c
> +++ b/certs/system_keyring.c
> @@ -283,3 +283,26 @@ void __init set_platform_trusted_keys(struct key *keyring)
> platform_trusted_keys = keyring;
> }
> #endif
> +
> +inline bool is_builtin_trusted_keyring(struct key *keyring)
> +{
> + return (keyring == builtin_trusted_keys);
> +}
> +
> +inline bool is_secondary_trusted_keyring(struct key *keyring)
> +{
> + #ifdef CONFIG_SECONDARY_TRUSTED_KEYRING
> + return (keyring == secondary_trusted_keys);
> + #else
> + return false;
> + #endif
> +}
> +
> +inline bool is_platform_trusted_keyring(struct key *keyring)
> +{
> + #ifdef CONFIG_INTEGRITY_PLATFORM_KEYRING
> + return (keyring == platform_trusted_keys);
> + #else
> + return false;
> + #endif
> +}
Why are these functions defined in a new LSM hook patch? Before
posting a patch, please review the patch line by line, making sure
that there isn't anything extraneous.
> diff --git a/include/keys/system_keyring.h b/include/keys/system_keyring.h
> index c1a96fdf598b..2517181d8d6c 100644
> --- a/include/keys/system_keyring.h
> +++ b/include/keys/system_keyring.h
> @@ -66,4 +66,8 @@ static inline void set_platform_trusted_keys(struct key *keyring)
> }
> #endif
>
> +extern bool is_builtin_trusted_keyring(struct key *keyring);
> +extern bool is_secondary_trusted_keyring(struct key *keyring);
> +extern bool is_platform_trusted_keyring(struct key *keyring);
> +
Not needed in this patch.
Mimi
next prev parent reply other threads:[~2019-10-16 0:30 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-15 23:17 [PATCH v0 0/1] KEYS: LSM Hook for key_create_or_update Lakshmi Ramasubramanian
2019-10-15 23:17 ` [PATCH v0 1/1] " Lakshmi Ramasubramanian
2019-10-16 0:30 ` Mimi Zohar [this message]
2019-10-16 15:04 ` Lakshmi Ramasubramanian
2019-10-16 16:41 ` James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1571185832.5250.153.camel@linux.ibm.com \
--to=zohar@linux.ibm.com \
--cc=balajib@linux.microsoft.com \
--cc=dhowells@redhat.com \
--cc=jamorris@linux.microsoft.com \
--cc=jorhand@linux.microsoft.com \
--cc=kgoldman@us.ibm.com \
--cc=linux-integrity@vger.kernel.org \
--cc=mjg59@google.com \
--cc=nramas@linux.microsoft.com \
--cc=patatash@linux.microsoft.com \
--cc=prsriva@linux.microsoft.com \
--cc=sashal@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.