From: Mimi Zohar <zohar@linux.ibm.com>
To: Casey Schaufler <casey@schaufler-ca.com>,
Roberto Sassu <roberto.sassu@huaweicloud.com>,
dmitry.kasatkin@gmail.com, paul@paul-moore.com,
jmorris@namei.org, serge@hallyn.com,
stephen.smalley.work@gmail.com, eparis@parisplace.org
Cc: linux-integrity@vger.kernel.org,
linux-security-module@vger.kernel.org, selinux@vger.kernel.org,
reiserfs-devel@vger.kernel.org, linux-kernel@vger.kernel.org,
keescook@chromium.org, nicolas.bouchinet@clip-os.org,
Roberto Sassu <roberto.sassu@huawei.com>
Subject: Re: [PATCH v4 3/5] security: Allow all LSMs to provide xattrs for inode_init_security hook
Date: Thu, 17 Nov 2022 13:07:37 -0500 [thread overview]
Message-ID: <5ef79a7ab559f46313f767d90b50662e003d62be.camel@linux.ibm.com> (raw)
In-Reply-To: <66df8ebe-1ed2-c839-8a5f-cc0a26bad6c3@schaufler-ca.com>
On Thu, 2022-11-17 at 09:40 -0800, Casey Schaufler wrote:
> On 11/17/2022 9:24 AM, Mimi Zohar wrote:
> > On Thu, 2022-11-17 at 09:18 -0800, Casey Schaufler wrote:
> >> On 11/17/2022 8:05 AM, Mimi Zohar wrote:
> >>> On Thu, 2022-11-10 at 10:46 +0100, Roberto Sassu wrote:
> >>>> From: Roberto Sassu <roberto.sassu@huawei.com>
> >>>>
> >>>> Currently, security_inode_init_security() supports only one LSM providing
> >>>> an xattr and EVM calculating the HMAC on that xattr, plus other inode
> >>>> metadata.
> >>>>
> >>>> Allow all LSMs to provide one or multiple xattrs, by extending the security
> >>>> blob reservation mechanism. Introduce the new lbs_xattr field of the
> >>>> lsm_blob_sizes structure, so that each LSM can specify how many xattrs it
> >>>> needs, and the LSM infrastructure knows how many xattr slots it should
> >>>> allocate.
> >>> Perhaps supporting per LSM multiple xattrs is a nice idea, but EVM
> >>> doesn't currently support it. The LSM xattrs are hard coded in
> >>> evm_config_default_xattrnames[], based on whether the LSM is
> >>> configured. Additional security xattrs may be included in the
> >>> security.evm calculation, by extending the list via
> >>> security/integrity/evm/evm_xattrs.
> >> Smack uses multiple xattrs. All file system objects have a SMACK64
> >> attribute, which is used for access control. A program file may have
> >> a SMACK64EXEC attribute, which is the label the program will run with.
> >> A library may have a SMACK64MMAP attribute to restrict loading. A
> >> directory may have a SMACK64TRANSMUTE attribute, which modifies the
> >> new object creation behavior.
> >>
> >> The point being that it may be more than a "nice idea" to support
> >> multiple xattrs. It's not a hypothetical situation.
> > And each of these additional Smack xattrs is already defined in
> > evm_config_default_xattrnames[].
>
> Then I'm confused by the statement that "EVM doesn't currently support it".
My mistake. As you pointed out, Smack is defining multiple security
xattrs.
Mimi
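An added userspace model of the lbs_xattr slot reservation the quoted patch describes (example code, not kernel code and not from the patch series); the field xattr_offset and the functions lsm_reserve_xattrs, lsm_set_xattr and lsm_count_xattrs are assumed names, and the Smack/SELinux values are constructed.

```c
/* Model of the lbs_xattr reservation scheme: each LSM states how many
 * xattr slots it needs, the infrastructure sums them and hands each LSM
 * a private range of a shared slot array. Added example, not kernel code. */
#include <stddef.h>
#include <string.h>

#define MAX_XATTR_SLOTS 8

struct lsm_blob_sizes {
    int lbs_xattr;      /* how many xattrs this LSM needs (as in the patch) */
    int xattr_offset;   /* assumed: first slot assigned at registration */
};

struct xattr_slot {
    const char *name;
    const char *value;
};

static int total_xattr_slots;  /* sum of every registered LSM's lbs_xattr */

void lsm_reset_xattr_slots(void) { total_xattr_slots = 0; }

/* Reserve sizes->lbs_xattr slots. Returns the LSM's offset or -1 when the
 * request would overrun the array (a second LSM cannot steal slots). */
int lsm_reserve_xattrs(struct lsm_blob_sizes *sizes)
{
    int want = sizes->lbs_xattr, offset = total_xattr_slots;
    if (want < 0 || offset + want > MAX_XATTR_SLOTS)
        return -1;
    total_xattr_slots += want;
    sizes->xattr_offset = offset;
    return offset;
}

/* An LSM's inode_init_security callback fills only its own range;
 * idx is bounds-checked against that LSM's reservation. */
int lsm_set_xattr(struct xattr_slot *slots, const struct lsm_blob_sizes *sizes,
                  int idx, const char *name, const char *value)
{
    if (idx < 0 || idx >= sizes->lbs_xattr)
        return -1;  /* writing into another LSM's slots is refused */
    slots[sizes->xattr_offset + idx].name = name;
    slots[sizes->xattr_offset + idx].value = value;
    return 0;
}

/* Number of populated slots, counted contiguously from the front; this is
 * what a consumer such as EVM would iterate over when covering the xattrs. */
int lsm_count_xattrs(const struct xattr_slot *slots)
{
    int n = 0;
    while (n < total_xattr_slots && slots[n].name)
        n++;
    return n;
}
```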