From: Nicolas Bouchinet <nicolas.bouchinet@clip-os.org>
To: Mimi Zohar <zohar@linux.ibm.com>
Cc: Casey Schaufler <casey@schaufler-ca.com>,
linux-integrity@vger.kernel.org, philippe.trebuchet@ssi.gouv.fr,
dmitry.kasatkin@gmail.com, paul@paul-moore.com,
jmorris@namei.org, serge@hallyn.com, davem@davemloft.net,
lucien.xin@gmail.com, vgoyal@redhat.com, omosnace@redhat.com,
mortonm@chromium.org, nicolas.bouchinet@ssi.gouv.fr,
mic@digikod.net, cgzones@googlemail.com,
linux-security-module@vger.kernel.org, brauner@kernel.org,
keescook@chromium.org
Subject: Re: [PATCH] evm: Correct inode_init_security hooks behaviors
Date: Wed, 26 Oct 2022 10:48:55 +0200 [thread overview]
Message-ID: <Y1j0d8kT3WkeoORR@archlinux> (raw)
In-Reply-To: <21fe8e7deb04596f0fdba621b657a21c00a074f1.camel@linux.ibm.com>
Hi Mimi,
On Tue, Oct 25, 2022 at 11:58:40AM -0400, Mimi Zohar wrote:
> On Tue, 2022-10-25 at 08:06 -0700, Casey Schaufler wrote:
> > On 10/25/2022 7:21 AM, Mimi Zohar wrote:
> > > On Tue, 2022-10-25 at 15:33 +0200, Nicolas Bouchinet wrote:
> > >>> Agreed, independently as to whether BPF defines a security xattr, if
> > >>> two LSMs initialize security xattrs, then this change is needed. Are
> > >>> there any other examples?
> > >> I think that in its current state the kernel cannot load two LSM capable of xattr
> > >> initialization as they are all defined with the `LSM_FLAG_EXCLUSIVE` flag set.
> > >> But I may be unaware of other LSM in development stage.
> > > Casey, Paul, can we get confirmation on this?
> >
> > I'm working really hard to eliminate LSM_FLAG_EXCLUSIVE. Dealing with
> > multiple security modules initializing security xattrs has been in the
> > stacking patch sets that have been in review for years now. So no,
> > you can't wave the problem away by pointing at LSM_FLAG_EXCLUSIVE.
>
> Please note that the original problem being addressed by this patch
> will be addressed by Roberto's BPF patch. The question here was
> whether this addresses an existing bug, other than BPF, or a future
> one, and whether it needs to be backported.
>
Should I split the NULL pointer dereference fix in a separated patch for EVM ?
> From your response, initializing multiple security xattrs is not an
> issue at the moment so it doesn't need to be backported. Whether this
> patch should be upstreamed with the LSM stacking patch set is a
> separate question.
>
> >
> > >>> (nit: I understand the line size has generally been relaxed, but for
> > >>> IMA/EVM I would prefer it to be remain as 80 chars.)
> > >>>
> > >> No problem, will change it !
> > >>
> > >> I'll take time to run few tests with BPF and send a patch v3 with new changes.
> > > Since Roberto's patches will address the BPF bug(s), is this a fix for
> > > a real bug or a possbile future one. Cc'ing stable might not be
> > > necessary.
Ok, will remove stable.
Thanks,
Nicolas Bouchinet
next prev parent reply other threads:[~2022-10-26 8:49 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-20 13:55 [PATCH] evm: Correct inode_init_security hooks behaviors Nicolas Bouchinet
2022-10-20 15:02 ` Paul Moore
2022-10-21 13:12 ` Nicolas Bouchinet
2022-10-20 15:14 ` Mickaël Salaün
2022-10-21 14:04 ` Nicolas Bouchinet
2022-10-20 16:41 ` Casey Schaufler
2022-10-21 13:17 ` Nicolas Bouchinet
2022-10-20 19:51 ` Mimi Zohar
2022-10-21 13:47 ` Nicolas Bouchinet
2022-10-24 16:35 ` Mimi Zohar
2022-10-25 13:33 ` Nicolas Bouchinet
2022-10-25 14:21 ` Mimi Zohar
2022-10-25 14:22 ` Mimi Zohar
2022-10-25 15:06 ` Casey Schaufler
2022-10-25 15:58 ` Mimi Zohar
2022-10-26 8:48 ` Nicolas Bouchinet [this message]
2022-10-21 14:02 ` Roberto Sassu
2022-10-24 12:50 ` Nicolas Bouchinet
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y1j0d8kT3WkeoORR@archlinux \
--to=nicolas.bouchinet@clip-os.org \
--cc=brauner@kernel.org \
--cc=casey@schaufler-ca.com \
--cc=cgzones@googlemail.com \
--cc=davem@davemloft.net \
--cc=dmitry.kasatkin@gmail.com \
--cc=jmorris@namei.org \
--cc=keescook@chromium.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=lucien.xin@gmail.com \
--cc=mic@digikod.net \
--cc=mortonm@chromium.org \
--cc=nicolas.bouchinet@ssi.gouv.fr \
--cc=omosnace@redhat.com \
--cc=paul@paul-moore.com \
--cc=philippe.trebuchet@ssi.gouv.fr \
--cc=serge@hallyn.com \
--cc=vgoyal@redhat.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.