From: Casey Schaufler <casey@schaufler-ca.com>
To: Stephen Smalley <sds@tycho.nsa.gov>, casey@schaufler-ca.com
Cc: David Howells <dhowells@redhat.com>,
Karl MacMillan <kmacmill@redhat.com>,
viro@ftp.linux.org.uk, hch@infradead.org,
Trond.Myklebust@netapp.com, linux-kernel@vger.kernel.org,
selinux@tycho.nsa.gov, linux-security-module@vger.kernel.org
Subject: Re: [PATCH 08/28] SECURITY: Allow kernel services to override LSM settings for task actions [try #2]
Date: Tue, 11 Dec 2007 12:40:54 -0800 (PST) [thread overview]
Message-ID: <81940.57362.qm@web36611.mail.mud.yahoo.com> (raw)
In-Reply-To: <1197402998.28006.95.camel@moss-spartans.epoch.ncsc.mil>
--- Stephen Smalley <sds@tycho.nsa.gov> wrote:
>
> > I am much more concerned with the interfaces used to pass the
> > information into the kernel. I would expect that to be LSM
> > independent, not a call into libselinux that resolves into a
> > selinuxfs operation, or it's netlink equivilant. It would be
> > unfortunate if the userland/kernel interface became an obstacle
> > to cachefiles being adopted.
>
> That wasn't the issue. The interface to the cachefiles module would
> just consist of cachefilesd writing a string label to some pseudo file
> tell cachefiles what label to apply as the acting label for operations
> performed by cachefiles. Which isn't SELinux-specific at all.
Calm down. Just checking.
> David was asking though how cachefilesd (the userspace agent) would
> obtain such a label to use. And that may very well be LSM-specific, and
> as there is no LSM userspace API, it makes sense for him to invoke a
> libselinux function at present. If a liblsm is later created and
> provides a common front-end API (internally dlopen'ing the right shared
> library based on some configuration, whether libselinux or libsmack or
> whatever), then cachefilesd can instead call the liblsm interface, but
> that doesn't exist today.
I am certainly not in favor of adding such complexity.
I suggest that cachefilesd get the context it wants using
whatever scheme works. I think there should be a cachefiles
specific (LSM independent) scheme for getting it into the
kernel, and a LSM hooks for setting it, if that's what he
really wants to do.
Casey Schaufler
casey@schaufler-ca.com
next prev parent reply other threads:[~2007-12-11 20:41 UTC|newest]
Thread overview: 126+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-12-05 19:38 [PATCH 00/28] Permit filesystem local caching [try #2] David Howells
2007-12-05 19:38 ` [PATCH 01/28] KEYS: Increase the payload size when instantiating a key " David Howells
2007-12-05 19:38 ` [PATCH 02/28] KEYS: Check starting keyring as part of search " David Howells
2007-12-05 19:38 ` [PATCH 03/28] KEYS: Allow the callout data to be passed as a blob rather than a string " David Howells
2007-12-05 19:38 ` [PATCH 04/28] KEYS: Add keyctl function to get a security label " David Howells
2007-12-05 19:38 ` [PATCH 05/28] Security: Change current->fs[ug]id to current_fs[ug]id() " David Howells
2007-12-05 19:38 ` [PATCH 06/28] SECURITY: Separate task security context from task_struct " David Howells
2007-12-05 19:38 ` [PATCH 07/28] SECURITY: De-embed task security record from task and use refcounting " David Howells
2007-12-05 19:38 ` [PATCH 08/28] SECURITY: Allow kernel services to override LSM settings for task actions " David Howells
2007-12-10 16:46 ` Stephen Smalley
2007-12-10 17:07 ` David Howells
2007-12-10 17:23 ` Stephen Smalley
2007-12-10 21:08 ` David Howells
2007-12-10 21:27 ` Stephen Smalley
2007-12-10 22:26 ` Casey Schaufler
2007-12-10 23:44 ` David Howells
2007-12-10 23:56 ` Casey Schaufler
2007-12-11 18:34 ` Stephen Smalley
2007-12-11 19:26 ` Casey Schaufler
2007-12-11 19:56 ` Stephen Smalley
2007-12-11 20:40 ` Casey Schaufler [this message]
2007-12-10 23:36 ` David Howells
2007-12-10 23:46 ` Casey Schaufler
2007-12-11 19:52 ` Stephen Smalley
2007-12-11 19:37 ` Stephen Smalley
2007-12-11 20:42 ` David Howells
2007-12-11 21:18 ` Casey Schaufler
2007-12-11 21:34 ` Stephen Smalley
2007-12-11 22:43 ` David Howells
2007-12-11 23:04 ` Casey Schaufler
2007-12-12 15:25 ` Stephen Smalley
2007-12-12 16:51 ` Casey Schaufler
2007-12-12 18:12 ` Stephen Smalley
2007-12-12 18:34 ` David Howells
2007-12-12 19:44 ` Casey Schaufler
2007-12-12 19:49 ` Stephen Smalley
2007-12-12 20:09 ` Casey Schaufler
2007-12-12 22:29 ` David Howells
2007-12-12 22:32 ` David Howells
2007-12-12 18:29 ` David Howells
2007-12-12 19:33 ` Stephen Smalley
2007-12-12 22:49 ` David Howells
2007-12-13 14:49 ` Stephen Smalley
2007-12-13 15:36 ` David Howells
2007-12-13 16:23 ` Stephen Smalley
2007-12-13 17:01 ` David Howells
2007-12-13 17:27 ` Stephen Smalley
2007-12-13 18:04 ` David Howells
2007-12-12 19:37 ` Casey Schaufler
2007-12-12 22:52 ` David Howells
2007-12-12 18:25 ` David Howells
2007-12-12 19:20 ` Casey Schaufler
2007-12-12 19:29 ` David Howells
2007-12-12 19:35 ` Stephen Smalley
2007-12-12 22:55 ` David Howells
2007-12-13 14:51 ` Stephen Smalley
2007-12-13 16:03 ` David Howells
2007-12-19 3:28 ` Crispin Cowan
2007-12-19 5:39 ` Casey Schaufler
2007-12-19 14:54 ` Stephen Smalley
2007-12-19 3:28 ` Crispin Cowan
2007-12-19 23:38 ` David Howells
2007-12-12 14:41 ` Karl MacMillan
2007-12-12 14:53 ` David Howells
2007-12-12 14:59 ` Karl MacMillan
2008-01-09 16:51 ` David Howells
2008-01-09 17:27 ` David Howells
2008-01-09 18:11 ` Stephen Smalley
2008-01-09 18:56 ` David Howells
2008-01-09 19:19 ` Stephen Smalley
2008-01-10 11:09 ` David Howells
2008-01-14 14:01 ` David Howells
2008-01-14 14:06 ` David Howells
2008-01-15 14:58 ` Stephen Smalley
2008-01-23 20:52 ` David Howells
2008-01-23 22:03 ` James Morris
2008-01-14 14:52 ` Casey Schaufler
2008-01-14 15:19 ` David Howells
2008-01-15 14:56 ` Stephen Smalley
2008-01-15 16:03 ` David Howells
2008-01-15 16:08 ` Stephen Smalley
2008-01-15 18:10 ` Casey Schaufler
2008-01-15 19:15 ` Stephen Smalley
2008-01-15 21:55 ` David Howells
2008-01-15 22:23 ` Casey Schaufler
2007-12-05 19:39 ` [PATCH 09/28] FS-Cache: Release page->private after failed readahead " David Howells
2007-12-14 3:51 ` Nick Piggin
2007-12-17 22:42 ` David Howells
2007-12-18 7:03 ` Nick Piggin
2007-12-05 19:39 ` [PATCH 10/28] FS-Cache: Recruit a couple of page flags for cache management " David Howells
2007-12-14 4:08 ` Nick Piggin
2007-12-17 22:36 ` David Howells
2007-12-18 7:00 ` Nick Piggin
2007-12-20 18:33 ` David Howells
2007-12-21 1:08 ` Nick Piggin
2008-01-02 16:27 ` David Howells
2008-01-07 11:33 ` Nick Piggin
2008-01-07 13:09 ` David Howells
2008-01-08 3:01 ` Nick Piggin
2008-01-08 23:51 ` David Howells
2008-01-09 1:52 ` Nick Piggin
2008-01-09 15:45 ` David Howells
2008-01-09 23:52 ` Nick Piggin
2007-12-05 19:39 ` [PATCH 11/28] FS-Cache: Provide an add_wait_queue_tail() function " David Howells
2007-12-05 19:39 ` [PATCH 12/28] FS-Cache: Generic filesystem caching facility " David Howells
2007-12-05 19:39 ` [PATCH 13/28] CacheFiles: Add missing copy_page export for ia64 " David Howells
2007-12-05 19:39 ` [PATCH 14/28] CacheFiles: Be consistent about the use of mapping vs file->f_mapping in Ext3 " David Howells
2007-12-05 19:39 ` [PATCH 15/28] CacheFiles: Add a hook to write a single page of data to an inode " David Howells
2007-12-05 19:39 ` [PATCH 16/28] CacheFiles: Permit the page lock state to be monitored " David Howells
2007-12-05 19:39 ` [PATCH 17/28] CacheFiles: Export things for CacheFiles " David Howells
2007-12-05 19:39 ` [PATCH 18/28] CacheFiles: A cache that backs onto a mounted filesystem " David Howells
2007-12-05 19:39 ` [PATCH 19/28] NFS: Use local caching " David Howells
2007-12-05 19:40 ` [PATCH 20/28] NFS: Configuration and mount option changes to enable local caching on NFS " David Howells
2007-12-05 19:40 ` [PATCH 21/28] NFS: Display local caching state " David Howells
2007-12-05 19:40 ` [PATCH 22/28] fcrypt endianness misannotations " David Howells
2007-12-05 19:40 ` [PATCH 23/28] AFS: Add TestSetPageError() " David Howells
2007-12-05 19:40 ` [PATCH 24/28] AFS: Add a function to excise a rejected write from the pagecache " David Howells
2007-12-14 4:21 ` Nick Piggin
2007-12-17 22:54 ` David Howells
2007-12-18 7:07 ` Nick Piggin
2007-12-20 18:49 ` David Howells
2007-12-21 1:11 ` Nick Piggin
2007-12-05 19:40 ` [PATCH 25/28] AFS: Improve handling of a rejected writeback " David Howells
2007-12-05 19:40 ` [PATCH 26/28] AF_RXRPC: Save the operation ID for debugging " David Howells
2007-12-05 19:40 ` [PATCH 27/28] AFS: Implement shared-writable mmap " David Howells
2007-12-05 19:40 ` [PATCH 28/28] FS-Cache: Make kAFS use FS-Cache " David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=81940.57362.qm@web36611.mail.mud.yahoo.com \
--to=casey@schaufler-ca.com \
--cc=Trond.Myklebust@netapp.com \
--cc=dhowells@redhat.com \
--cc=hch@infradead.org \
--cc=kmacmill@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
--cc=viro@ftp.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).