From: Karol Lewandowski <k.lewandowsk@samsung.com>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Jiri Kosina <jkosina@suse.cz>,
Linux API <linux-api@vger.kernel.org>,
linux-kernel@vger.kernel.org,
John Stultz <john.stultz@linaro.org>,
Arnd Bergmann <arnd@arndb.de>, Tejun Heo <tj@kernel.org>,
Ryan Lortie <desrt@desrt.ca>,
Simon McVittie <simon.mcvittie@collabora.co.uk>,
daniel@zonque.org, David Herrmann <dh.herrmann@gmail.com>,
Paul Moore <pmoore@redhat.com>,
"casey.schaufler@intel.com" <casey.schaufler@intel.com>,
marcel@holtmann.org, tixxdz@opendz.org,
javier.martinez@collabora.co.uk, alban.crequy@collabora.co.uk,
linux-security-module@vger.kernel.org
Subject: Re: [PATCH 00/12] Add kdbus implementation
Date: Fri, 31 Oct 2014 12:15:42 +0100
Message-ID: <54536F5E.7030604@samsung.com>
In-Reply-To: <20141030202434.GA17410@kroah.com>
On 2014-10-30 21:24, Greg Kroah-Hartman wrote:
> On Thu, Oct 30, 2014 at 08:55:56PM +0100, Karol Lewandowski wrote:
>> On 2014-10-30 15:47, Greg Kroah-Hartman wrote:
>>> On Thu, Oct 30, 2014 at 11:44:39AM +0100, Karol Lewandowski wrote:
>>>> [ Sorry for breaking thread and resend - gmane rejected my original message
>>>> due to too long list of recipients... ]
>>>>
>>>> On 2014-10-30 00:40, Greg Kroah-Hartman wrote:
>>>>
>>>>> There is a 1815 line documentation file in this series, so we aren't
>>>>> trying to not provide this type of information here at all. But yes,
>>>>> more background, about why this can't be done in userspace (zero copy,
>>>>> less context switches, proper credential passing, timestamping, available
>>>>> at early-boot, LSM hooks for security models to tie into
>>>>
>>>> While you're at it... I did some work on proof-of-concept LSM patches for
>>>> kdbus some time ago, see [1][2]. Currently, these are completely out of date.
>>>>
>>>> [1] https://github.com/lmctl/linux/commits/kdbus-lsm-v4.for-systemd-v212
>>>> [2] https://github.com/lmctl/kdbus/commit/aa0885489d19be92fa41c6f0a71df28763228a40
>>>>
>>>> May I ask if you guys have your own plan for LSM or maybe it would be
>>>> worth resurrecting [1]?
>>>
>>> The core calls are already mediated by LSM today, right? We don't want
>>> anyone to be parsing the data stream through an LSM, that idea got
>>> rejected a long time ago as something that is really not a good idea.
>>
>> Parsing data is out of the question, of course, but this is not what we were
>> proposing.
>
> Glad to hear it :)
>
>>> Other than that, I don't know exactly what your patches do, or why they
>>> are needed, care to go into details?
>>
>> Patches in question were supposed to add a few hooks for kdbus-specific
>> operations that don't seem to have semantics compatible with the hooks
>> currently available in LSM.
>>
>> kdbus' bus introduces quite a few new concepts that we wanted to be able
>> to limit based on MAC label/context, e.g.
>>
>> - check flags at HELO stage (say disallow fd passing),
>>
>> - restrict the ability to acquire names to certain subjects (for the system bus),
>>
>> - disallow creation of new buses,
>>
>> - limit scope of broadcasts,
>>
>> - etc.
>
> Nice list.
>
>> Please take a look at the hook list - I think most of the names are self-explanatory:
>>
>> https://github.com/lmctl/linux/blob/a9fe4c33b6e5ab25a243e0590df406aabb6add12/include/linux/security.h#L1874
>>
>> kdbus modifications were pretty light - with the most visible change being the
>> addition of an opaque security pointer to kdbus_bus and similar structs.
>
> That looks very reasonable, care to make it up into a patch I can add to
> the end of this series so it's easy to review and possibly submit as
> part of it?
I'll do my best to prepare something suitable for review, but I'm
not sure it can/should be part of the next patch set.

As Paul wrote - the discussion about hooks hasn't really ended up with a
satisfactory conclusion but just faded away. kdbus' own policy engine
has been rewritten since I last touched it, so I'm not sure which parts
are still applicable.

(Unfortunately, I'll be traveling from Monday and likely to be offline
for a week or two...)
Thanks
--
Karol Lewandowski, Samsung R&D Institute Poland
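The exchange above describes the shape of the proposal (a hook per kdbus-specific operation, decided on the caller's MAC label, with an opaque security pointer hung off the bus object) without showing how such mediation fits together. The following is an added userspace model of that design, written for this page; it is not kdbus code, not the LSM patches linked in the mail, and not any kernel API. Every identifier (struct sec_ops, sec_bus_make, sec_hello, sec_name_acquire, deliver_broadcast, HELLO_ACCEPT_FD, the "System"/"User" labels and the org.example. name prefix) is invented for illustration, and the four policies are arbitrary examples of the checks listed in the mail: refusing a hello that requests fd passing, restricting name acquisition on the system bus, refusing bus creation, and limiting the recipients of a broadcast.

```c
/*
 * Added example, not kdbus or patch code: a userspace model of LSM-style
 * hooks for the kdbus operations listed in the mail.  All names invented.
 */
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Flag a peer requests when it says hello to a bus (modelled, not kdbus' real bit). */
#define HELLO_ACCEPT_FD (1u << 0)

/* Stand-in for a MAC label/context (think Smack label or SELinux context). */
struct label { char name[32]; };

/* Objects carry an opaque security pointer that the policy engine may fill. */
struct bus  { const char *name; void *security; };
struct conn { struct label subj; void *security; };

/* What this policy hangs off bus->security. */
struct bus_sec { struct label creator; bool system_bus; };

/* Hook table: 0 allows, -EPERM denies, a NULL entry allows. */
struct sec_ops {
	int (*bus_make)(const struct conn *c, const char *busname);
	int (*hello)(const struct conn *c, const struct bus *b, uint32_t flags);
	int (*name_acquire)(const struct conn *c, const struct bus *b, const char *name);
	int (*broadcast)(const struct conn *src, const struct conn *dst);
};

static bool has_label(const struct conn *c, const char *l)
{
	return strcmp(c->subj.name, l) == 0;
}

/* Policy: only the "System" label may create buses. */
static int pol_bus_make(const struct conn *c, const char *busname)
{
	(void)busname;
	return has_label(c, "System") ? 0 : -EPERM;
}

/* Policy: anyone may connect, but negotiating fd passing needs "System". */
static int pol_hello(const struct conn *c, const struct bus *b, uint32_t flags)
{
	(void)b;
	if ((flags & HELLO_ACCEPT_FD) && !has_label(c, "System"))
		return -EPERM;
	return 0;
}

/* Policy: on the system bus, names under org.example. are reserved for "System". */
static int pol_name_acquire(const struct conn *c, const struct bus *b, const char *name)
{
	const struct bus_sec *bs = b->security;   /* opaque blob, owned by the policy */
	if (bs && bs->system_bus && strncmp(name, "org.example.", 12) == 0 && !has_label(c, "System"))
		return -EPERM;
	return 0;
}

/* Policy: a broadcast only reaches peers carrying the sender's label. */
static int pol_broadcast(const struct conn *src, const struct conn *dst)
{
	return strcmp(src->subj.name, dst->subj.name) == 0 ? 0 : -EPERM;
}

static const struct sec_ops policy = {
	.bus_make = pol_bus_make, .hello = pol_hello,
	.name_acquire = pol_name_acquire, .broadcast = pol_broadcast,
};

/* Mediation points the (modelled) bus code calls before acting. */
int sec_bus_make(const struct conn *c, const char *n)
{ return policy.bus_make ? policy.bus_make(c, n) : 0; }
int sec_hello(const struct conn *c, const struct bus *b, uint32_t f)
{ return policy.hello ? policy.hello(c, b, f) : 0; }
int sec_name_acquire(const struct conn *c, const struct bus *b, const char *n)
{ return policy.name_acquire ? policy.name_acquire(c, b, n) : 0; }

/* Broadcast delivery: keep only the peers the hook allows; returns the count delivered. */
size_t deliver_broadcast(const struct conn *src, const struct conn *peers, size_t n,
			 const struct conn **out)
{
	size_t k = 0;
	for (size_t i = 0; i < n; i++) {
		if (&peers[i] == src)
			continue;                          /* no self-delivery */
		if (policy.broadcast && policy.broadcast(src, &peers[i]) < 0)
			continue;                          /* hook trimmed this recipient */
		out[k++] = &peers[i];
	}
	return k;
}

int main(void)
{
	/* Constructed sample: one system bus, one "System" peer, two "User" peers. */
	struct bus_sec sys_sec = { { "System" }, true };
	struct bus sysbus = { "system", &sys_sec };
	struct conn peers[3] = { { { "System" }, NULL }, { { "User" }, NULL }, { { "User" }, NULL } };
	const struct conn *got[3];

	printf("User creates a bus: %d\n", sec_bus_make(&peers[1], "private"));
	printf("User hello with fd passing: %d\n", sec_hello(&peers[1], &sysbus, HELLO_ACCEPT_FD));
	printf("User acquires org.example.Foo: %d\n", sec_name_acquire(&peers[1], &sysbus, "org.example.Foo"));
	printf("User broadcast reaches %zu peer(s)\n", deliver_broadcast(&peers[1], peers, 3, got));
	return 0;
}
```

The point of the shape is that the bus code never parses message payloads; each hook sees only the subject, the object (with its security blob) and the operation's own arguments, which is what keeps it compatible with the "no data-stream parsing in an LSM" position taken earlier in the thread.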
Thread overview: 112+ messages
2014-10-29 22:00 [PATCH 00/12] Add kdbus implementation Greg Kroah-Hartman
2014-10-29 22:00 ` kdbus: add documentation Greg Kroah-Hartman
2014-10-30 12:20 ` Peter Meerwald
2014-11-02 1:29 ` Greg Kroah-Hartman
2014-10-29 22:00 ` kdbus: add driver skeleton, ioctl entry points and utility functions Greg Kroah-Hartman
2014-10-30 3:50 ` Eric W. Biederman
2014-10-30 23:45 ` Thomas Gleixner
2014-10-31 0:23 ` Jiri Kosina
2014-10-31 0:42 ` Thomas Gleixner
2014-10-29 22:00 ` kdbus: add connection, queue handling and message validation code Greg Kroah-Hartman
2014-10-30 3:55 ` Andy Lutomirski
2014-10-30 9:06 ` Djalal Harouni
2014-10-29 22:00 ` kdbus: add code to gather metadata Greg Kroah-Hartman
2014-10-29 22:33 ` Andy Lutomirski
2014-10-30 0:13 ` Andy Lutomirski
2014-10-30 8:45 ` Daniel Mack
2014-10-30 14:07 ` Andy Lutomirski
2014-10-30 15:54 ` Daniel Mack
2014-10-30 21:01 ` Andy Lutomirski
2014-11-01 11:05 ` Daniel Mack
2014-11-01 16:19 ` Andy Lutomirski
2014-11-03 12:00 ` Simon McVittie
2014-11-03 17:05 ` Andy Lutomirski
2014-10-30 8:09 ` Daniel Mack
2014-10-29 22:00 ` kdbus: add code for notifications and matches Greg Kroah-Hartman
2014-10-29 22:00 ` kdbus: add code for buses, domains and endpoints Greg Kroah-Hartman
2014-10-30 3:59 ` Eric W. Biederman
2014-10-30 9:58 ` Djalal Harouni
2014-10-30 12:15 ` Eric W. Biederman
2014-10-30 14:48 ` Djalal Harouni
2014-10-30 14:58 ` Andy Lutomirski
2014-10-30 18:08 ` Djalal Harouni
2014-10-30 18:46 ` Simon McVittie
2014-11-05 19:59 ` Djalal Harouni
2014-10-30 20:37 ` Andy Lutomirski
2014-10-30 21:47 ` Alex Elsayed
2014-10-30 22:00 ` Andy Lutomirski
2014-10-30 23:38 ` How Not To Use kref (was Re: kdbus: add code for buses, domains and endpoints) Al Viro
2014-10-31 18:00 ` Linus Torvalds
2014-10-31 19:56 ` Al Viro
2014-11-04 9:11 ` David Herrmann
2014-10-31 1:39 ` kdbus: add code for buses, domains and endpoints Al Viro
2014-10-31 9:55 ` Daniel Mack
2014-10-29 22:00 ` kdbus: add name registry implementation Greg Kroah-Hartman
2014-10-29 22:00 ` kdbus: add policy database implementation Greg Kroah-Hartman
2014-10-29 22:00 ` kdbus: add Makefile, Kconfig and MAINTAINERS entry Greg Kroah-Hartman
2014-10-29 22:00 ` kdbus: add selftests Greg Kroah-Hartman
2014-10-30 8:31 ` Arnd Bergmann
2014-11-14 3:42 ` Michael Ellerman
2014-11-14 8:56 ` Daniel Mack
2014-10-29 22:15 ` [PATCH 00/12] Add kdbus implementation Andy Lutomirski
2014-10-29 22:27 ` Greg Kroah-Hartman
2014-10-29 22:34 ` Andy Lutomirski
2014-10-30 2:27 ` Andy Lutomirski
2014-10-30 4:20 ` Eric W. Biederman
2014-10-30 10:15 ` Tom Gundersen
2014-10-30 12:02 ` Eric W. Biederman
2014-10-30 13:48 ` Andy Lutomirski
2014-10-29 22:00 ` kdbus: add header file Greg Kroah-Hartman
2014-10-30 8:20 ` Arnd Bergmann
2014-10-30 11:02 ` Tom Gundersen
2014-10-30 11:26 ` Arnd Bergmann
2014-10-30 11:52 ` Daniel Mack
2014-10-30 12:03 ` Arnd Bergmann
2014-10-31 10:03 ` Daniel Mack
2014-10-29 22:00 ` kdbus: add connection pool implementation Greg Kroah-Hartman
2014-10-29 22:15 ` [PATCH 00/12] Add kdbus implementation Greg KH
2014-10-30 4:04 ` Eric W. Biederman
2014-10-30 7:12 ` Daniel Mack
2014-10-29 22:19 ` Andy Lutomirski
2014-10-29 22:25 ` Greg Kroah-Hartman
2014-10-29 22:28 ` Andy Lutomirski
2014-10-29 22:36 ` Andy Lutomirski
2014-10-30 7:44 ` Daniel Mack
2014-11-05 14:34 ` Daniel Mack
2014-10-29 23:00 ` Jiri Kosina
2014-10-29 23:11 ` Greg Kroah-Hartman
2014-10-29 23:12 ` Greg Kroah-Hartman
2014-10-29 23:24 ` Jiri Kosina
2014-10-29 23:26 ` Jiri Kosina
2014-10-29 23:34 ` Greg Kroah-Hartman
2014-10-29 23:40 ` Greg Kroah-Hartman
2014-10-29 23:55 ` Andy Lutomirski
2014-10-30 11:52 ` Tom Gundersen
2014-10-30 12:28 ` Simon McVittie
2014-10-30 13:59 ` Andy Lutomirski
2014-10-30 20:28 ` Alex Elsayed
2014-10-30 9:51 ` Karol Lewandowski
2014-10-30 10:44 ` Karol Lewandowski
2014-10-30 14:47 ` Greg Kroah-Hartman
2014-10-30 19:55 ` Karol Lewandowski
2014-10-30 20:24 ` Greg Kroah-Hartman
2014-10-31 11:15 ` Karol Lewandowski [this message]
2014-10-30 23:13 ` One Thousand Gnomes
2014-10-31 10:58 ` Karol Lewandowski
2014-10-30 23:39 ` Paul Moore
2014-10-31 14:21 ` Karol Lewandowski
2014-10-31 16:36 ` [RFC PATCH 0/5] kdbus: add support for lsm Karol Lewandowski
2014-10-31 16:36 ` [PATCH 1/5] kdbus: extend structures with security pointer " Karol Lewandowski
2014-11-17 1:47 ` Karol Lewandowski
2014-11-17 18:37 ` Greg KH
2014-10-31 16:36 ` [PATCH 2/5] security: export security_file_receive for modules Karol Lewandowski
2014-10-31 16:36 ` [PATCH 3/5] kdbus: check if lsm permits installing received fds Karol Lewandowski
2014-10-31 16:36 ` [PATCH 4/5] security: introduce lsm hooks for kdbus Karol Lewandowski
2014-10-31 16:36 ` [PATCH 5/5] kdbus: make use of new lsm hooks Karol Lewandowski
2014-10-31 17:19 ` [PATCH 3/5] kdbus: check if lsm permits installing received fds Karol Lewandowski
2014-11-07 18:01 ` [RFC PATCH 0/5] kdbus: add support for lsm Greg KH
2014-11-09 0:07 ` Karol Lewandowski
2014-11-02 1:21 ` [PATCH 00/12] Add kdbus implementation Greg Kroah-Hartman
2014-11-03 14:38 ` One Thousand Gnomes
2014-10-30 8:33 ` Arnd Bergmann
2014-10-30 16:17 ` Greg Kroah-Hartman