Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1030486AbcJ0Ve7 (ORCPT <rfc822;w@1wt.eu>);
        Thu, 27 Oct 2016 17:34:59 -0400
Received: from mail-wm0-f52.google.com ([74.125.82.52]:35815 "EHLO
        mail-wm0-f52.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1754371AbcJ0Vew (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 27 Oct 2016 17:34:52 -0400
MIME-Version: 1.0
In-Reply-To: <00f80c77-9623-7e9e-8980-63b362a4f16c@schaufler-ca.com>
References: <00f80c77-9623-7e9e-8980-63b362a4f16c@schaufler-ca.com>
From: Kees Cook <keescook@chromium.org>
Date: Thu, 27 Oct 2016 14:34:13 -0700
X-Google-Sender-Auth: vzPCJyD3WufsQYooNXDDFfBsTc4
Message-ID: <CAGXu5j+hB3F-HQEdaqU2y-rvzQN=q__KD2ZAFBqkAGNEdwmvrQ@mail.gmail.com>
Subject: Re: [PATCH v6 0/3] LSM: security module information improvements
To: Casey Schaufler <casey@schaufler-ca.com>
Cc: LSM <linux-security-module@vger.kernel.org>,
        James Morris <jmorris@namei.org>,
        John Johansen <john.johansen@canonical.com>,
        Paul Moore <paul@paul-moore.com>, Stephen Smalley <sds@tycho.nsa.gov>,
        Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>,
        LKLM <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset=UTF-8
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 2509
Lines: 74

On Wed, Oct 26, 2016 at 4:56 PM, Casey Schaufler <casey@schaufler-ca.com> wrote:
> Subject: [PATCH v6 0/3] LSM: security module information improvements
>
> Changes from v5:
>         Rebased on 4.9-rc2
>
> Changes from v4:
>         Use kasprintf instead of kzalloc() ... sprintf in more places.
>         More in the documentation.
>         Separate module information in contexts with ",". (not yet visible)
>
> Changes from v3:
>         Use kasprintf instead of kzalloc() ... sprintf.
>
> Create interfaces that make it possible to deal with process
> attributes in the face of multiple "major" security modules.
>
> Patch 1/3 adds /sys/kernel/security/lsm, which provides
> a list of the active security modules on the system.
>
>         $ cat /sys/kernel/security/lsm
>         capability,yama,loadpin,smack
>
> Patch 2/3 adds a subdirectory in /proc/.../attr for each
> security module that exports process attribute data. This
> allows a program in easily differentiate between the "current"
> value for Smack and AppArmor.
>
>         $ cat /proc/self/attr/smack/current
>         System
>
>         $ cat /proc/self/attr/apparmor/current
>         unconfined
>
> Patch 3/3 adds an interface that provides module identified
> information that otherwise matches the "current" attr.
> This allows a system with multiple modules to provide the
> complete security "context" in one place. A (future) system
> with both Smack and AppArmor might report:
>
>         $ cat /proc/self/attr/context
>         smack='System',apparmor='unconfined'
>
> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
>
> ---
>  Documentation/security/LSM.txt |  34 ++++++--
>  fs/proc/base.c                 |  95 +++++++++++++++++++---
>  fs/proc/internal.h             |   1 +
>  include/linux/lsm_hooks.h      |  12 +--
>  include/linux/security.h       |  15 ++--
>  security/apparmor/lsm.c        |  38 +++++++--
>  security/commoncap.c           |   3 +-
>  security/inode.c               |  26 +++++-
>  security/loadpin/loadpin.c     |   2 +-
>  security/security.c            | 177 ++++++++++++++++++++++++++++++++++++++++-
>  security/selinux/hooks.c       |  22 ++++-
>  security/smack/smack_lsm.c     |  22 ++---
>  security/tomoyo/tomoyo.c       |   2 +-
>  security/yama/yama_lsm.c       |   2 +-
>  14 files changed, 395 insertions(+), 56 deletions(-)
>

I remain happy with this. :)

Reviewed-by: Kees Cook <keescook@chromium.org>

(With my LSM parts Acked-by...)

-Kees

-- 
Kees Cook
Nexus Security