From: Nathan Lynch <nathanl@linux.ibm.com>
To: Paul Moore <paul@paul-moore.com>
Cc: linuxppc-dev@lists.ozlabs.org,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org, jmorris@namei.org,
mpe@ellerman.id.au, serge@hallyn.com, ajd@linux.ibm.com,
gcwilson@linux.ibm.com, nayna@linux.ibm.com
Subject: Re: [PATCH 1/2] powerpc/pseries: block untrusted device tree changes when locked down
Date: Fri, 23 Sep 2022 10:58:33 -0500 [thread overview]
Message-ID: <875yheqdzq.fsf@linux.ibm.com> (raw)
In-Reply-To: <CAHC9VhQG_jEh_H8pV-qJgX2oX_fyGjXoBV7_EJOgvOd4ndc+Xw@mail.gmail.com>
Paul Moore <paul@paul-moore.com> writes:
>> diff --git a/include/linux/security.h b/include/linux/security.h
>> index 7bd0c490703d..1ca8dbacd3cc 100644
>> --- a/include/linux/security.h
>> +++ b/include/linux/security.h
>> @@ -122,6 +122,7 @@ enum lockdown_reason {
>> LOCKDOWN_XMON_WR,
>> LOCKDOWN_BPF_WRITE_USER,
>> LOCKDOWN_DBG_WRITE_KERNEL,
>> + LOCKDOWN_DEVICE_TREE,
>
> I would suggest moving LOCKDOWN_DEVICE_TREE to be next to
> LOCKDOWN_ACPI_TABLES. It's not a hard requirement, but it seems like
> a nice idea to group similar things when we can.
>
>> LOCKDOWN_INTEGRITY_MAX,
>> LOCKDOWN_KCORE,
>> LOCKDOWN_KPROBES,
>> diff --git a/security/security.c b/security/security.c
>> index 4b95de24bc8d..2863fc31eec6 100644
>> --- a/security/security.c
>> +++ b/security/security.c
>> @@ -60,6 +60,7 @@ const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1] = {
>> [LOCKDOWN_XMON_WR] = "xmon write access",
>> [LOCKDOWN_BPF_WRITE_USER] = "use of bpf to write user RAM",
>> [LOCKDOWN_DBG_WRITE_KERNEL] = "use of kgdb/kdb to write kernel RAM",
>> + [LOCKDOWN_DEVICE_TREE] = "modifying device tree contents",
>
> Might as well move this one too.
Yes, I can do that for v2. Thanks.
WARNING: multiple messages have this Message-ID (diff)
From: Nathan Lynch <nathanl@linux.ibm.com>
To: Paul Moore <paul@paul-moore.com>
Cc: ajd@linux.ibm.com, nayna@linux.ibm.com,
linux-kernel@vger.kernel.org, jmorris@namei.org,
linux-security-module@vger.kernel.org, gcwilson@linux.ibm.com,
linuxppc-dev@lists.ozlabs.org, serge@hallyn.com
Subject: Re: [PATCH 1/2] powerpc/pseries: block untrusted device tree changes when locked down
Date: Fri, 23 Sep 2022 10:58:33 -0500 [thread overview]
Message-ID: <875yheqdzq.fsf@linux.ibm.com> (raw)
In-Reply-To: <CAHC9VhQG_jEh_H8pV-qJgX2oX_fyGjXoBV7_EJOgvOd4ndc+Xw@mail.gmail.com>
Paul Moore <paul@paul-moore.com> writes:
>> diff --git a/include/linux/security.h b/include/linux/security.h
>> index 7bd0c490703d..1ca8dbacd3cc 100644
>> --- a/include/linux/security.h
>> +++ b/include/linux/security.h
>> @@ -122,6 +122,7 @@ enum lockdown_reason {
>> LOCKDOWN_XMON_WR,
>> LOCKDOWN_BPF_WRITE_USER,
>> LOCKDOWN_DBG_WRITE_KERNEL,
>> + LOCKDOWN_DEVICE_TREE,
>
> I would suggest moving LOCKDOWN_DEVICE_TREE to be next to
> LOCKDOWN_ACPI_TABLES. It's not a hard requirement, but it seems like
> a nice idea to group similar things when we can.
>
>> LOCKDOWN_INTEGRITY_MAX,
>> LOCKDOWN_KCORE,
>> LOCKDOWN_KPROBES,
>> diff --git a/security/security.c b/security/security.c
>> index 4b95de24bc8d..2863fc31eec6 100644
>> --- a/security/security.c
>> +++ b/security/security.c
>> @@ -60,6 +60,7 @@ const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1] = {
>> [LOCKDOWN_XMON_WR] = "xmon write access",
>> [LOCKDOWN_BPF_WRITE_USER] = "use of bpf to write user RAM",
>> [LOCKDOWN_DBG_WRITE_KERNEL] = "use of kgdb/kdb to write kernel RAM",
>> + [LOCKDOWN_DEVICE_TREE] = "modifying device tree contents",
>
> Might as well move this one too.
Yes, I can do that for v2. Thanks.
next prev parent reply other threads:[~2022-09-23 15:59 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-22 19:38 [PATCH 0/2] powerpc/pseries: restrict error injection and DT changes when locked down Nathan Lynch
2022-09-22 19:38 ` Nathan Lynch
2022-09-22 19:38 ` [PATCH 1/2] powerpc/pseries: block untrusted device tree " Nathan Lynch
2022-09-22 19:38 ` Nathan Lynch
2022-09-23 1:18 ` Paul Moore
2022-09-23 1:18 ` Paul Moore
2022-09-23 7:03 ` Michael Ellerman
2022-09-23 7:03 ` Michael Ellerman
2022-09-23 15:58 ` Nathan Lynch [this message]
2022-09-23 15:58 ` Nathan Lynch
2022-09-22 19:38 ` [PATCH 2/2] powerpc/rtas: block error injection " Nathan Lynch
2022-09-22 19:38 ` Nathan Lynch
2022-09-23 1:28 ` Paul Moore
2022-09-23 1:28 ` Paul Moore
2022-09-23 7:12 ` Michael Ellerman
2022-09-23 7:12 ` Michael Ellerman
2022-09-23 15:39 ` Nathan Lynch
2022-09-23 15:39 ` Nathan Lynch
2022-09-23 17:42 ` Paul Moore
2022-09-23 17:42 ` Paul Moore
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=875yheqdzq.fsf@linux.ibm.com \
--to=nathanl@linux.ibm.com \
--cc=ajd@linux.ibm.com \
--cc=gcwilson@linux.ibm.com \
--cc=jmorris@namei.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=mpe@ellerman.id.au \
--cc=nayna@linux.ibm.com \
--cc=paul@paul-moore.com \
--cc=serge@hallyn.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.