Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1758825AbbGHUHW (ORCPT <rfc822;w@1wt.eu>);
	Wed, 8 Jul 2015 16:07:22 -0400
Received: from mx1.redhat.com ([209.132.183.28]:38133 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1755567AbbGHUHQ (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Wed, 8 Jul 2015 16:07:16 -0400
From: Paul Moore <pmoore@redhat.com>
To: Casey Schaufler <casey@schaufler-ca.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>,
        Paul Osmialowski <p.osmialowsk@samsung.com>,
        James Morris <james.l.morris@oracle.com>,
        "Serge E. Hallyn" <serge@hallyn.com>,
        Kees Cook <keescook@chromium.org>,
        Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>,
        Neil Brown <neilb@suse.de>, Mark Rustad <mark.d.rustad@intel.com>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Daniel Mack <daniel@zonque.org>,
        David Herrmann <dh.herrmann@googlemail.com>,
        Djalal Harouni <tixxdz@opendz.org>,
        Shuah Khan <shuahkh@osg.samsung.com>,
        Al Viro <viro@zeniv.linux.org.uk>,
        linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org,
        linux-api@vger.kernel.org,
        Karol Lewandowski <k.lewandowsk@samsung.com>,
        Lukasz Skalski <l.skalski@samsung.com>
Subject: Re: [RFC 4/8] lsm: smack: smack callbacks for kdbus security hooks
Date: Wed, 08 Jul 2015 16:07:11 -0400
Message-ID: <2412238.IhG4IMMuSs@sifl>
Organization: Red Hat
User-Agent: KMail/4.14.8 (Linux/3.16.7-gentoo; KDE/4.14.9; x86_64; ; )
In-Reply-To: <559D5201.6060400@schaufler-ca.com>
References: <1436351110-5902-1-git-send-email-p.osmialowsk@samsung.com> <559D28DE.4070406@tycho.nsa.gov> <559D5201.6060400@schaufler-ca.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 7Bit
Content-Type: text/plain; charset="us-ascii"
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1843
Lines: 39

On Wednesday, July 08, 2015 09:38:25 AM Casey Schaufler wrote:
> On 7/8/2015 6:42 AM, Stephen Smalley wrote:
> > On 07/08/2015 06:25 AM, Paul Osmialowski wrote:

...

> > If Smack only truly needs 3 hooks, then it begs the question of why
> > there are so many other hooks defined.  Are the other hooks just to
> > support finer-grained distinctions, or is Smack's coverage incomplete?
> 
> I haven't been following kdbus closely for a while, but the original
> intent for Smack and kdbus was that it Smack controls would be on the
> objects involved, and that to accomplish that only a small number of
> hooks would be necessary. After all, Smack uses fewer hooks than SELinux
> on other things. I do agree that without a user there is no point in
> having hooks. If SELinux requires the other hooks we might want to
> hold off on asking for the hooks until the SELinux implementation is
> exposed. I also think that AppArmor should be examined as a potential
> user of the hooks, just to make sure the hooks aren't excessively
> oriented toward subject/object based security modules.

In Paul O.'s defense, we did have some discussion about the reasons for these 
hooks, although that seems like ages ago and I would need to dig through the 
archives (my inbox?) to find the reasoning for each.

However, I don't remember being very comfortable with the hooks back them 
largely due to uncertainty about how we were treating kdbus with respect to 
subjects/objects.  I think it's worth restarting that discussion now before we 
nit pick the patches themselves.

-- 
paul moore
security @ redhat

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/