From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from userp1040.oracle.com ([156.151.31.81]:43071 "EHLO userp1040.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752050AbdJZJL2 (ORCPT ); Thu, 26 Oct 2017 05:11:28 -0400 Date: Thu, 26 Oct 2017 11:11:09 +0200 (CEST) From: James Morris To: Matthew Garrett cc: linux-integrity@vger.kernel.org, zohar@linux.vnet.ibm.com, Paul Moore , Stephen Smalley , Eric Paris , selinux@tycho.nsa.gov, Casey Schaufler , linux-security-module@vger.kernel.org, Dmitry Kasatkin Subject: Re: [PATCH V3 2/2] IMA: Support using new creds in appraisal policy In-Reply-To: <20171026084055.25482-2-mjg59@google.com> Message-ID: References: <20171026084055.25482-1-mjg59@google.com> <20171026084055.25482-2-mjg59@google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-integrity-owner@vger.kernel.org List-ID: On Thu, 26 Oct 2017, Matthew Garrett wrote: > The existing BPRM_CHECK functionality in IMA validates against the > credentials of the existing process, not any new credentials that the > child process may transition to. Add an additional CREDS_CHECK target > and refactor IMA to pass the appropriate creds structure. In > ima_bprm_check(), check with both the existing process credentials and > the credentials that will be committed when the new process is started. > This will not change behaviour unless the system policy is extended to > include CREDS_CHECK targets - BPRM_CHECK will continue to check the same > credentials that it did previously. > > Signed-off-by: Matthew Garrett Reviewed-by: James Morris -- James Morris