From: Jay Freyensee <why2jjj.linux@gmail.com>
To: Casey Schaufler <casey@schaufler-ca.com>,
paul@paul-moore.com, linux-security-module@vger.kernel.org
Cc: jmorris@namei.org, serge@hallyn.com, keescook@chromium.org,
john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp,
stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org,
linux-api@vger.kernel.org, mic@digikod.net
Subject: Re: [PATCH v11 00/11] LSM: Three basic syscalls
Date: Fri, 23 Jun 2023 18:10:11 -0700 [thread overview]
Message-ID: <403108b1-5600-bb5e-a0ad-6f802b4b296f@gmail.com> (raw)
In-Reply-To: <20230616165055.4705-1-casey@schaufler-ca.com>
On 6/16/23 9:50 AM, Casey Schaufler wrote:
> Add three system calls for the Linux Security Module ABI.
>
> lsm_get_self_attr() provides the security module specific attributes
> that have previously been visible in the /proc/self/attr directory.
> For each security module that uses the specified attribute on the
> current process the system call will return an LSM identifier and
> the value of the attribute. The LSM and attribute identifier values
> are defined in include/uapi/linux/lsm.h
>
> LSM identifiers are simple integers and reflect the order in which
> the LSM was added to the mainline kernel. This is a convention, not
> a promise of the API. LSM identifiers below the value of 100 are
> reserved for unspecified future uses. That could include information
> about the security infrastructure itself, or about how multiple LSMs
> might interact with each other.
>
> A new LSM hook security_getselfattr() is introduced to get the
> required information from the security modules. This is similar
> to the existing security_getprocattr() hook, but specifies the
> format in which string data is returned and requires the module
> to put the information into a userspace destination.
>
> lsm_set_self_attr() changes the specified LSM attribute. Only one
> attribute can be changed at a time, and then only if the specified
> security module allows the change.
>
> A new LSM hook security_setselfattr() is introduced to set the
> required information in the security modules. This is similar
> to the existing security_setprocattr() hook, but specifies the
> format in which string data is presented and requires the module
> to get the information from a userspace destination.
>
> lsm_list_modules() provides the LSM identifiers, in order, of the
> security modules that are active on the system. This has been
> available in the securityfs file /sys/kernel/security/lsm.
Active or available?
If I use landlock's documentation example:
Jun 07 10:37:11 fedora kernel: LSM: initializing
lsm=lockdown,capability,yama,integrity,selinux,bpf>
Jun 07 10:37:11 fedora kernel: landlock: Up and running.
My interpretation of the two log lines is the first line tells me
landlock is available on the distro (fedora this case), but the second
line tells me landlock is now active. Thus the lsm available list may be
different than the lsm active list.
So is lsm_list_modules() going to tell me just what lsm's are available
in a distro for use, or is it going to tell me what lsm's are available
_and_ active?
Thanks,
Jay
next prev parent reply other threads:[~2023-06-24 1:10 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20230616165055.4705-1-casey.ref@schaufler-ca.com>
2023-06-16 16:50 ` [PATCH v11 00/11] LSM: Three basic syscalls Casey Schaufler
2023-06-16 16:50 ` [PATCH v11 01/11] LSM: Identify modules by more than name Casey Schaufler
2023-06-16 16:50 ` [PATCH v11 02/11] LSM: Maintain a table of LSM attribute data Casey Schaufler
2023-06-26 14:11 ` kernel test robot
2023-06-16 16:50 ` [PATCH v11 03/11] proc: Use lsmids instead of lsm names for attrs Casey Schaufler
2023-06-16 16:50 ` [PATCH v11 04/11] LSM: syscalls for current process attributes Casey Schaufler
2023-06-16 16:50 ` [PATCH v11 05/11] LSM: Create lsm_list_modules system call Casey Schaufler
2023-06-16 16:50 ` [PATCH v11 06/11] LSM: wireup Linux Security Module syscalls Casey Schaufler
2023-06-16 16:50 ` [PATCH v11 07/11] LSM: Helpers for attribute names and filling lsm_ctx Casey Schaufler
2023-06-19 20:02 ` Kees Cook
2023-06-16 16:50 ` [PATCH v11 08/11] Smack: implement setselfattr and getselfattr hooks Casey Schaufler
2023-06-16 16:50 ` [PATCH v11 09/11] AppArmor: Add selfattr hooks Casey Schaufler
2023-06-16 16:50 ` [PATCH v11 10/11] SELinux: " Casey Schaufler
2023-06-16 16:50 ` [PATCH v11 11/11] LSM: selftests for Linux Security Module syscalls Casey Schaufler
2023-06-19 20:03 ` Kees Cook
2023-06-24 1:10 ` Jay Freyensee [this message]
2023-06-24 1:42 ` [PATCH v11 00/11] LSM: Three basic syscalls Casey Schaufler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=403108b1-5600-bb5e-a0ad-6f802b4b296f@gmail.com \
--to=why2jjj.linux@gmail.com \
--cc=casey@schaufler-ca.com \
--cc=jmorris@namei.org \
--cc=john.johansen@canonical.com \
--cc=keescook@chromium.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mic@digikod.net \
--cc=paul@paul-moore.com \
--cc=penguin-kernel@i-love.sakura.ne.jp \
--cc=serge@hallyn.com \
--cc=stephen.smalley.work@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox