Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753870AbdDLNyv (ORCPT ); Wed, 12 Apr 2017 09:54:51 -0400 Received: from smtp.nsa.gov ([8.44.101.8]:41129 "EHLO emsm-gh1-uea10.nsa.gov" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753290AbdDLNyt (ORCPT ); Wed, 12 Apr 2017 09:54:49 -0400 X-IronPort-AV: E=Sophos;i="5.37,190,1488844800"; d="scan'208";a="5874164" IronPort-PHdr: =?us-ascii?q?9a23=3AynYoOBJ2GTBflM3JfNmcpTZWNBhigK39O0sv0rFi?= =?us-ascii?q?tYgXLvz7rarrMEGX3/hxlliBBdydsKMazbOI+P6wEUU7or+5+EgYd5JNUxJXwe?= =?us-ascii?q?43pCcHRPC/NEvgMfTxZDY7FskRHHVs/nW8LFQHUJ2mPw6arXK99yMdFQviPgRp?= =?us-ascii?q?OOv1BpTSj8Oq3Oyu5pHfeQtFiT68bL9oMRm7rArdu8gVjIB/Nqs/1xzFr2dSde?= =?us-ascii?q?9L321oP1WTnxj95se04pFu9jlbtuwi+cBdT6j0Zrw0QrNEAjsoNWA1/9DrugLY?= =?us-ascii?q?TQST/HscU34ZnQRODgPY8Rz1RJbxsi/9tupgxCmXOND9QL4oVTi+6apgVQTlgz?= =?us-ascii?q?kbOTEn7G7Xi9RwjKNFrxKnuxx/2JPfbIWMOPZjYq/RYdYWSGxPUcZLUyxKH52y?= =?us-ascii?q?YY0BAeEcOepUtpfxq0cLoRa4GAKiBv7gyiVQi3H1wKM00/ovHw/E0wwuGNIBrH?= =?us-ascii?q?Pao9r6OqoJTeC4z7PFwSnZYv9K2zrw7pXDfBA7ofGLWLJ9adffyVUxGAPdjlWf?= =?us-ascii?q?t4rlNC6I2OQIqWeb6+5gWvyvimU6rAxxuSWgxtw3h4nVhoMa1lDE9SJjzIYzPt?= =?us-ascii?q?23UlR3YdGjEJtOriyXMZZ9TMA6Q2xwpSo3xbILtYS7cSQX0pgr2RHSZ+Kdf4SV?= =?us-ascii?q?5B/oSfyfLi1ihH1/fbKynxOy8U+9xeLiTsS0y1NKrjZdktnLq3ANywTf6siZRf?= =?us-ascii?q?t5+UeswSqP2BrJ6uFFPEA0jrDXK4Ihw7EslpoTtl7PHinql0XtkKCabEAk+ums?= =?us-ascii?q?6+j/Y7XmoIGTN5Nshw3jPakjldazDOQlPgQUQWSW9vqw2Kf+8UHhRbVFlPw2kq?= =?us-ascii?q?3XsJDAIsQbo7a0AxRI3YY48Bu/Ezen38gYnXkANl5FfgmHgJLzN1HBJ/D4E++z?= =?us-ascii?q?g06wnzdz2/DGIrrhD43WLnfYjbfhfK1961VbyAo11t1Q+o9bCrcbLP3vXU/xsc?= =?us-ascii?q?TSDgUlPAys3+bnFNJ925sGWW2VH6+ZNLjfsUeS6eIyJ+mAfYoVuDH6K/g/+fHi?= =?us-ascii?q?l2M2mVgYfaOxx5sYdGi4Huh6I0WeeXfjnM8BHn0Qvgo/V+znk0WCXiRJZ3azRK?= =?us-ascii?q?I8/jU7B5i6AojdXIyth6aB3CijFJ1Mem9GEkyMEWvvd4icWfcDcieSLdF6kjAe?= =?us-ascii?q?UbitUYoh1Ra0tA/gyrpnNfHZ+ioCtZ35yNd14/PcmQsu+jxzCsSXy3uNQH1snm?= =?us-ascii?q?MUWz8227hyoVdjxVeZ3qh3nedVFdxJ6PNNVgc7NZjcw/ZmBND1XwLLZs2JR0q+?= =?us-ascii?q?QtW6HTExSco8wtEPY0Z5H9WijwrM3y+wD7AJjbCLHps0/bnC0HjrO8Z90G3L1K?= =?us-ascii?q?gnj1k6XMRPMXeqibJ49wjWH4TJiVmWl762daQA2y7A7GODzWuIvEFFXw98SKbF?= =?us-ascii?q?Um4FZkvQs9v54ljPT6GhCbs5KAtN082CJbVQat3vk1pGQO3vONPEY2K+g22wHw?= =?us-ascii?q?qHxquQbIr2fGUQxCHdCEkCkwAO8neKLBM+CTm9rGLDFjxuFE7vYkP1/el7r3O0?= =?us-ascii?q?U1I0zwWUYEB6ybq19QAaheaGR/MQwL0EoiEhpCtwHFqn2NLWEdWArRJ7fKpAed?= =?us-ascii?q?M9/EtH1WXBugxlO5ygKKdihkQAfAlspUPhyQh4CoVansg2tn8l0A1yKaeA2lNb?= =?us-ascii?q?azyYxYzwOqHQKmTq5xCgcLPW2lDF0NaN/acP7u40pEj+swGvDUci/HBn3MNU03?= =?us-ascii?q?uY/JnFEA0SUZeiGnowoiN3rbjBfigw4cv+yHx3Kq6y+mvZ0c8oH/AizFCsc9F3?= =?us-ascii?q?P6aNFQu0GMofUYzmEOU3nxCMaRUeMagG7KszONmrX+GL1K6iIKBrmzfw3kpd54?= =?us-ascii?q?Uo6V6B7ypxTKbz2p8Bx/yJll+cWyzUkEaqssexn5tNIz4VADzsmmDfGIdNa/gq?= =?us-ascii?q?Ls4wAmC0Lpjyn48mig=3D=3D?= X-IPAS-Result: =?us-ascii?q?A2F8BQBrMO5Y/wHyM5BcGwEBAQMBAQEJAQEBFwEBBAEBCgE?= =?us-ascii?q?Bgn8pgWyDZpo1AQEBAQEBBoEjkH2Ga4YkAoN4VwEBAQEBAQEBAgECaCiCMyIBg?= =?us-ascii?q?kABBSMPAUYQCw0BCgICJgICVwYBEogFggQNqT2CJiYCilEBAQEBAQEEAQEBAQE?= =?us-ascii?q?BIoELhQCFOodcgl8FnQqSYYp+hkZIkzpYgQUcCQIUCB4PhzckNYkiAQEB?= Message-ID: <1492005519.3881.8.camel@tycho.nsa.gov> Subject: Re: [PATCH] selinux: add selinux_is_enforced() function From: Stephen Smalley To: Sebastien Buisson , Paul Moore Cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, selinux@tycho.nsa.gov, william.c.roberts@intel.com, serge@hallyn.com, james.l.morris@oracle.com, Eric Paris , Paul Moore , Sebastien Buisson Date: Wed, 12 Apr 2017 09:58:39 -0400 In-Reply-To: References: <1491988018-4120-1-git-send-email-sbuisson@ddn.com> Organization: National Security Agency Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.22.6 (3.22.6-2.fc25) Mime-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1156 Lines: 25 On Wed, 2017-04-12 at 15:30 +0200, Sebastien Buisson wrote: > 2017-04-12 13:55 GMT+02:00 Paul Moore : > > As currently written this code isn't something we would want to > > merge > > upstream for two important reasons: > > > > * No abstraction layer at the LSM interface.  The core kernel code > > should not call directly into any specific LSM, all interaction > > should > > go through the LSM hooks. > > The idea behind this patch and the other one was to replicate what is > done with selinux_is_enabled(). As I understand it now, > selinux_is_enabled() should remain the only exception to the LSM > hooks. > So do you agree if I propose a new security_is_enforced() function at > the LSM abstraction layer, which will be hooked to a > selinux_is_enforced() function defined inside the SELinux LSM? Even your usage of selinux_is_enabled() looks suspect; that should probably go away. Only other user of it seems to be some cred validity checking that could be dropped as well. The include/linux/selinux.h interfaces were originally for use by audit and secmark when there were no other LSMs and have gradually been removed.