From: KP Singh <kpsingh@kernel.org>
To: Paul Moore <paul@paul-moore.com>
Cc: linux-security-module@vger.kernel.org, bpf@vger.kernel.org,
ast@kernel.org, casey@schaufler-ca.com, andrii@kernel.org,
keescook@chromium.org, daniel@iogearbox.net, renauld@google.com,
revest@chromium.org, song@kernel.org
Subject: Re: [PATCH v13 3/5] security: Replace indirect LSM hook calls with static calls
Date: Mon, 8 Jul 2024 12:04:36 +0200 [thread overview]
Message-ID: <CACYkzJ5gAnbXX_aWy6952s2O5L2p3Mw14OUfo9Z-Od6_Dp2HLQ@mail.gmail.com> (raw)
In-Reply-To: <CAHC9VhQQkWxMT3KguOOK7W8cbY-cdeYTJSuh=tSDV4jsqp6s6g@mail.gmail.com>
On Sat, Jul 6, 2024 at 6:40 AM Paul Moore <paul@paul-moore.com> wrote:
>
> On Fri, Jul 5, 2024 at 3:34 PM KP Singh <kpsingh@kernel.org> wrote:
> > On Fri, Jul 5, 2024 at 8:07 PM Paul Moore <paul@paul-moore.com> wrote:
> > > On Wed, Jul 3, 2024 at 7:08 PM KP Singh <kpsingh@kernel.org> wrote:
[...]
> >
> > Paul, I am talking about eliminating a class of bugs, but you don't
> > seem to get the point and you are fixated on the very instance of this
> > bug class.
>
> I do understand that you are trying to eliminate a class of bugs, the
> point I'm trying to make is that I believe we have addressed that
> already with the patches I've previously cited.
The class I am referring to is useless hooks returning a default value
and imposing a denial / enforcement when they are not supposed to. If
you think this class of issues is not relevant to the overall LSM,
sure. I would still like BPF LSM to not add default callbacks as I
have always maintained since day 1:
https://lwn.net/ml/linux-kernel/20200224171305.GA21886@chromium.org/
BPF LSM does not want to provide a default decision until a BPF LSM
policy program is loaded,
>
> > > > 2. Performance, no extra function call.
> > >
> > > Convince me the bug still exists first and then we can discuss the
> > > merits of whatever solutions are proposed.
> >
> > This is independent of the bug!
>
> Correctness first, maintainability second, performance third. That's
> my current priority and I feel the maintainability hit doesn't justify
> the performance win at this point in time. Besides, we're already
> expecting a big performance boost simply by moving to static_calls.
>
> > As I said, If you don't want to modify the core LSM layer, it's okay,
> > I still want to go with changes local to the BPF LSM, If you really
> > don't agree with the changes local to the BPF LSM, we can have it go
> > via the BPF tree and seek Linus' help to resolve the conflict.
>
> As the BPF maintainer you are always free to do whatever you like
> within the scope of the LSM you maintain so long as it does not touch
> or otherwise impact any of the other LSMs or the LSM framework. If
> you do affect the other LSMs, or the LSM framework, you need to get an
> ACK from the associated maintainer. That's pretty much how Linux
> kernel development works.
Okay, then let's not make an LSM API, I will handle it within the BPF LSM.
The patch I proposed should not affect any other LSMs and is self
contained within BPF LSM:
https://lore.kernel.org/bpf/CACYkzJ6jADoGNuPP3-1wkk-kV7NOQh+eFkU5KEDEZgq9qNNEfg@mail.gmail.com/
>
> --
> paul-moore.com
next prev parent reply other threads:[~2024-07-08 10:04 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-29 8:43 [PATCH v13 0/5] Reduce overhead of LSMs with static calls KP Singh
2024-06-29 8:43 ` [PATCH v13 1/5] kernel: Add helper macros for loop unrolling KP Singh
2024-06-29 8:43 ` [PATCH v13 2/5] security: Count the LSMs enabled at compile time KP Singh
2024-07-03 9:44 ` Rasmus Villemoes
2024-07-03 13:12 ` KP Singh
2024-07-03 14:54 ` Paul Moore
2024-06-29 8:43 ` [PATCH v13 3/5] security: Replace indirect LSM hook calls with static calls KP Singh
2024-07-03 0:07 ` Paul Moore
2024-07-03 16:54 ` KP Singh
2024-07-03 20:56 ` Paul Moore
2024-07-03 22:22 ` KP Singh
2024-07-03 22:52 ` Paul Moore
2024-07-03 23:08 ` KP Singh
2024-07-03 23:44 ` Casey Schaufler
2024-07-04 0:24 ` KP Singh
2024-07-04 1:15 ` KP Singh
2024-07-05 18:07 ` Paul Moore
2024-07-05 19:34 ` KP Singh
2024-07-06 0:17 ` Kees Cook
2024-07-06 4:46 ` Paul Moore
2024-07-06 4:40 ` Paul Moore
2024-07-08 10:04 ` KP Singh [this message]
2024-07-08 12:52 ` Paul Moore
2024-07-08 13:52 ` KP Singh
2024-07-08 14:23 ` Paul Moore
2024-06-29 8:43 ` [PATCH v13 4/5] security: Update non standard hooks to use " KP Singh
2024-07-03 0:07 ` Paul Moore
2024-07-09 12:36 ` KP Singh
2024-07-09 14:51 ` Paul Moore
2024-07-09 16:53 ` Casey Schaufler
2024-07-09 19:05 ` Paul Moore
2024-06-29 8:43 ` [PATCH v13 5/5] bpf: Only enable BPF LSM hooks when an LSM program is attached KP Singh
2024-07-03 0:07 ` Paul Moore
2024-07-03 16:55 ` KP Singh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CACYkzJ5gAnbXX_aWy6952s2O5L2p3Mw14OUfo9Z-Od6_Dp2HLQ@mail.gmail.com \
--to=kpsingh@kernel.org \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=casey@schaufler-ca.com \
--cc=daniel@iogearbox.net \
--cc=keescook@chromium.org \
--cc=linux-security-module@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=renauld@google.com \
--cc=revest@chromium.org \
--cc=song@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).