From: "Mickaël Salaün" <mic@digikod.net>
To: Paul Moore <paul@paul-moore.com>
Cc: "Casey Schaufler" <casey@schaufler-ca.com>,
linux-security-module@vger.kernel.org, selinux@vger.kernel.org,
"John Johansen" <john.johansen@canonical.com>,
"Stephen Smalley" <stephen.smalley.work@gmail.com>,
"Maxime Bélair" <maxime.belair@canonical.com>
Subject: Re: LSM namespacing API
Date: Thu, 21 Aug 2025 12:00:55 +0200 [thread overview]
Message-ID: <20250820.xo0hee4Zeeyu@digikod.net> (raw)
In-Reply-To: <CAHC9VhQ5Vs+_DYAcN_Z4M9PVqW=PjaHcr4sVXADU5yqp1zFHVQ@mail.gmail.com>
On Tue, Aug 19, 2025 at 02:40:52PM -0400, Paul Moore wrote:
> On Tue, Aug 19, 2025 at 1:11 PM Casey Schaufler <casey@schaufler-ca.com> wrote:
> >
> > The advantage of a clone flag is that the operation is atomic with
> > the other namespace flag based behaviors. Having a two step process
> >
> > clone(); lsm_set_self_attr(); - or -
> > lsm_set_self_attr(); clone();
> >
> > is going to lead to cases where neither order really works correctly.
>
> I was envisioning something that works similarly to LSM_ATTR_EXEC
> where the unshare isn't immediate, but rather happens at a future
> event. With LSM_ATTR_EXEC it happens at the next exec*(), with
> LSM_ATTR_UNSHARE I imagine it would happen at the next clone*().
The next unshare(2) would make more sense to me.
This deferred operation could be requested with a flag in
lsm_config_system_policy(2) instead:
https://lore.kernel.org/r/20250709080220.110947-1-maxime.belair@canonical.com
next prev parent reply other threads:[~2025-08-21 10:10 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-19 14:56 LSM namespacing API Paul Moore
2025-08-19 17:11 ` Casey Schaufler
2025-08-19 18:40 ` Paul Moore
2025-08-19 18:58 ` Stephen Smalley
2025-08-21 7:26 ` John Johansen
2025-08-21 7:23 ` John Johansen
2025-08-22 1:57 ` Paul Moore
2025-08-22 14:30 ` John Johansen
2025-08-21 10:00 ` Mickaël Salaün [this message]
2025-08-22 2:14 ` Paul Moore
2025-08-22 14:47 ` Casey Schaufler
2025-08-22 19:59 ` John Johansen
2025-08-23 17:41 ` Dr. Greg
2025-08-23 23:00 ` John Johansen
2025-08-19 17:47 ` Stephen Smalley
2025-08-19 18:51 ` Paul Moore
2025-08-19 18:52 ` Paul Moore
2025-08-20 14:44 ` Mickaël Salaün
2025-08-20 15:37 ` Casey Schaufler
2025-08-20 20:47 ` Paul Moore
2025-08-21 9:56 ` Mickaël Salaün
2025-08-21 14:18 ` John Johansen
2025-08-22 2:09 ` Paul Moore
2025-08-21 2:05 ` Serge E. Hallyn
2025-08-21 2:35 ` Paul Moore
2025-08-21 3:02 ` Serge E. Hallyn
2025-08-22 1:50 ` Paul Moore
2025-08-21 8:12 ` John Johansen
2025-08-21 8:07 ` John Johansen
2025-08-21 7:46 ` John Johansen
2025-08-21 14:26 ` Serge E. Hallyn
2025-08-21 14:57 ` John Johansen
2025-09-01 16:01 ` Dr. Greg
2025-09-01 17:31 ` Casey Schaufler
2025-09-04 2:16 ` Dr. Greg
2025-09-04 17:40 ` Casey Schaufler
2025-09-02 10:55 ` John Johansen
2025-09-05 22:14 ` Dr. Greg
2025-09-06 2:01 ` John Johansen
2025-08-22 1:59 ` Paul Moore
2025-08-21 7:14 ` John Johansen
2025-08-21 11:20 ` Dr. Greg
2025-08-21 14:44 ` John Johansen
2026-02-26 0:05 ` Paul Moore
2026-03-03 13:30 ` Stephen Smalley
2026-03-03 16:46 ` Paul Moore
2026-03-06 17:48 ` Dr. Greg
2026-03-06 21:01 ` Casey Schaufler
2026-03-09 18:15 ` Stephen Smalley
2026-03-11 16:37 ` Casey Schaufler
2026-03-24 21:31 ` Paul Moore
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250820.xo0hee4Zeeyu@digikod.net \
--to=mic@digikod.net \
--cc=casey@schaufler-ca.com \
--cc=john.johansen@canonical.com \
--cc=linux-security-module@vger.kernel.org \
--cc=maxime.belair@canonical.com \
--cc=paul@paul-moore.com \
--cc=selinux@vger.kernel.org \
--cc=stephen.smalley.work@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox