Subject: Re: [PATCH v6 0/3] LSM: security module information improvements
From: Casey Schaufler
To: James Morris
Cc: LSM, John Johansen, Paul Moore, Kees Cook, Stephen Smalley, Tetsuo Handa, LKLM
Date: Thu, 27 Oct 2016 17:05:06 -0700
Message-ID: <575cbfd2-e05b-83a9-faed-d07011c8bd5e@schaufler-ca.com>
References: <00f80c77-9623-7e9e-8980-63b362a4f16c@schaufler-ca.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On 10/27/2016 3:32 PM, James Morris wrote:
> On Wed, 26 Oct 2016, Casey Schaufler wrote:
>
>> Create interfaces that make it possible to deal with process
>> attributes in the face of multiple "major" security modules.
> We don't have support for multiple major modules currently (perhaps ever),
> so I'm not merging infrastructure which is only useful for them.

The 2/3 patch provides for disambiguation of "current" whether you
have multiple modules or just one. In effect it corrects an error made
in both Smack and AppArmor to reuse the attribute interface names from
SELinux. There was substantial discussion on the LSM list about how best
to address this. I had originally suggested new names in the attr
directory, but the subdirectory approach was greatly preferred by the
populace.

The 3/3 patch is forward looking, I'll admit. Userspace can start
getting ready for the combined format in advance of multiple major
modules. When complete module stacking patches are available I don't
want to be addressing "no userspace is set up to handle that" if at all
possible. I don't want to be Chicken or Egged to death. The attr/context
would be the ideal thing for the id command to report, as the format
would always be the same and identify the module(s).

>
>> Patch 1/3 adds /sys/kernel/security/lsm, which provides
>> a list of the active security modules on the system.
>>
>> $ cat /sys/kernel/security/lsm
>> capability,yama,loadpin,smack
> This may make sense on its own. Has anyone requested this, or is likely
> to adopt it into a distro?

As John mentioned, Ubuntu would like this. I expect to use it in the
Smack userspace, hence Tizen.
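The following is an added example, not code from the patch series or from anyone in the thread, of how a userspace consumer might read the /sys/kernel/security/lsm interface quoted above. It assumes only what the message shows: securityfs mounted at /sys/kernel/security and a single comma-separated, newline-terminated line of module names. The parser does exact-token matching (so a query for "smack" cannot be satisfied by a longer name that merely starts with it), rejects malformed lists rather than guessing, and distinguishes "file absent" (a kernel without the interface, where the caller must fall back to some other probe) from "no modules listed". The buffer sizes and the `lsm_` helper names are this example's own choices.

```c
#include <stdio.h>
#include <string.h>
#include <errno.h>

/* Path from the patch description; securityfs is assumed mounted there. */
#define LSM_LIST_PATH "/sys/kernel/security/lsm"
#define LSM_NAME_MAX 32   /* example's own limit, not a kernel constant */
#define LSM_MAX 16

/* Split a "capability,yama,loadpin,smack\n" style line into names.
 * Returns the number of names found (possibly more than were stored if
 * it exceeds max), 0 for an empty line, or -1 if the line is malformed:
 * an empty field, a trailing comma, or a name that does not fit. */
int lsm_parse_list(const char *buf, char names[][LSM_NAME_MAX], int max)
{
    int n = 0;
    const char *p = buf;

    if (*p == '\0' || *p == '\n')
        return 0;                       /* nothing listed */

    while (*p) {
        const char *end = p;
        size_t len;

        while (*end && *end != ',' && *end != '\n')
            end++;
        len = (size_t)(end - p);
        if (len == 0 || len >= LSM_NAME_MAX)
            return -1;                  /* empty field or oversized name */
        if (n < max) {
            memcpy(names[n], p, len);
            names[n][len] = '\0';
        }
        n++;
        if (*end != ',')
            break;                      /* newline or end of string */
        p = end + 1;
        if (*p == '\0' || *p == '\n')
            return -1;                  /* trailing comma */
    }
    return n;
}

/* Number of names in the list, or -1 if malformed. */
int lsm_count(const char *buf)
{
    char names[LSM_MAX][LSM_NAME_MAX];
    return lsm_parse_list(buf, names, LSM_MAX);
}

/* Exact-token membership test: 1 if name is listed, 0 if not, -1 if the
 * list is malformed. A substring search would wrongly accept "smac". */
int lsm_is_active(const char *buf, const char *name)
{
    char names[LSM_MAX][LSM_NAME_MAX];
    int n = lsm_parse_list(buf, names, LSM_MAX);
    int i;

    if (n < 0)
        return -1;
    if (n > LSM_MAX)
        n = LSM_MAX;
    for (i = 0; i < n; i++)
        if (strcmp(names[i], name) == 0)
            return 1;
    return 0;
}

/* Read the kernel's list into buf. Returns 0 on success, -1 with errno set.
 * ENOENT means the kernel predates the interface; that is not the same as
 * "no LSM active", so callers need a fallback rather than assuming. */
int lsm_read_list(char *buf, size_t size)
{
    FILE *f = fopen(LSM_LIST_PATH, "r");
    if (!f)
        return -1;
    if (!fgets(buf, (int)size, f)) {
        int failed = ferror(f);
        fclose(f);
        if (failed) {
            errno = EIO;
            return -1;
        }
        buf[0] = '\0';                  /* empty file: no modules listed */
        return 0;
    }
    fclose(f);
    return 0;
}

int main(void)
{
    char buf[256];
    char names[LSM_MAX][LSM_NAME_MAX];
    int n, i;

    if (lsm_read_list(buf, sizeof buf) < 0) {
        if (errno == ENOENT)
            fprintf(stderr, "%s absent: kernel lacks the interface\n", LSM_LIST_PATH);
        else
            perror(LSM_LIST_PATH);
        return 1;
    }
    n = lsm_parse_list(buf, names, LSM_MAX);
    if (n < 0) {
        fprintf(stderr, "malformed module list\n");
        return 1;
    }
    for (i = 0; i < n && i < LSM_MAX; i++)
        printf("active: %s\n", names[i]);
    printf("smack active: %d\n", lsm_is_active(buf, "smack"));
    return 0;
}
```

Run on a kernel that provides the file it prints each active module and whether Smack is among them; on one that does not, it exits with an explicit "absent" message instead of silently reporting nothing active, which is the distinction a tool like id would need once it relies on this interface.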