Date: Tue, 12 Apr 2016 19:59:50 +1000 (AEST)
From: James Morris <jmorris@namei.org>
To: Kees Cook <keescook@chromium.org>
cc: Andrew Morton <akpm@linux-foundation.org>, Joe Perches <joe@perches.com>,
        Mimi Zohar <zohar@linux.vnet.ibm.com>,
        Andy Shevchenko <andriy.shevchenko@linux.intel.com>,
        "Serge E. Hallyn" <serge@hallyn.com>,
        Kalle Valo <kvalo@codeaurora.org>,
        Mauro Carvalho Chehab <mchehab@osg.samsung.com>,
        Guenter Roeck <linux@roeck-us.net>, Jiri Slaby <jslaby@suse.com>,
        Paul Moore <pmoore@redhat.com>, Stephen Smalley <sds@tycho.nsa.gov>,
        Casey Schaufler <casey@schaufler-ca.com>,
        Andreas Gruenbacher <agruenba@redhat.com>,
        Rasmus Villemoes <linux@rasmusvillemoes.dk>,
        Ulf Hansson <ulf.hansson@linaro.org>,
        Vitaly Kuznetsov <vkuznets@redhat.com>,
        linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v3 0/6] LSM: LoadPin for kernel file loading
 restrictions
In-Reply-To: <1459988437-3429-1-git-send-email-keescook@chromium.org>
Message-ID: <alpine.LRH.2.20.1604121959180.32247@namei.org>
References: <1459988437-3429-1-git-send-email-keescook@chromium.org>
User-Agent: Alpine 2.20 (LRH 67 2015-01-07)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 517
Lines: 16

On Wed, 6 Apr 2016, Kees Cook wrote:

> This provides the mini-LSM "loadpin" that intercepts the now consolidated
> kernel_file_read LSM hook so that a system can keep all loads coming from
> a single trusted filesystem. This is what Chrome OS uses to pin kernel
> module and firmware loading to the read-only crypto-verified dm-verity
> partition so that kernel module signing is not needed.
> 

This all looks good to me, just waiting now for the const fix suggested by 
Joe.


-- 
James Morris
<jmorris@namei.org>