Received: by 10.223.185.116 with SMTP id b49csp5948149wrg; Wed, 7 Mar 2018 22:25:32 -0800 (PST) X-Google-Smtp-Source: AG47ELu4Ts6mT7UAT0wDZT9HA6tqREsYUgTxMenGpTu2jqQRD0gEPGDsfHhoPX+GKt403KqCBTjR X-Received: by 2002:a17:902:2006:: with SMTP id n6-v6mr22984631pla.149.1520490332662; Wed, 07 Mar 2018 22:25:32 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520490332; cv=none; d=google.com; s=arc-20160816; b=mEY+dntTwQSj3zHG6ZzG3JZffrS/w91BrJM/cQvF5TMt6mGE/0vqZDMLB+3uthmXzw BMagy75KGNG1WcMKWODQ+nctY8d7vDD9yfQPcg+hIDh1khLh1PJGjIAqtJ647ayZaBGs aYpqlkX7EXv8mdj7ehJIQRz9Ybi0aGJ3rrQ9UEP8zsqwxRVbHpruhsDcXVNL1L3PkcCs LUGJMtnaUV9wWuPfEdm7Ithwelq0ixXwl4C2kDytfbPcsIygbTge6g61al3DYDNODcVg AiNnkuPVILRY7riXVCvjf3LHsLeQtQbtOM8vCUvMCQvlzHdv5HYFMolUGoWpI/zUjogv PHsA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:msscp.transfermailtomossagent :mime-version:content-transfer-encoding:spamdiagnosticmetadata :spamdiagnosticoutput:content-language:accept-language:in-reply-to :references:message-id:date:thread-index:thread-topic:subject:cc:to :from:dkim-signature:arc-authentication-results; bh=+kqmhkOG5OO8C3PxtPaYfnSdgvlMy26h5KzEfHlih8M=; b=XmcUInOF6nAuXJnyopOMJkmGrpZkw22YNLEIXImF2GwKHoTK+ge8oHE38SQ5E1Mx4N LJmVwwf0rfuYFZlrg9+HLTmHflgNsaBCstheeKA0IyAYiTs5LkGux/n7XR1chxTXPkEw fsq4y9hqMRBzdt3EC0FS2LS1/FlJ46JYErsw7GQOBGZI/05sL7P3P9VH2Sb2U0ysp/qv 3Zxw6e3oChDt/iBJD0mS5ndVVqozkb5uMhpK3CDHAuv+8g7CdNEYT3wZp5lBvsj62qL3 uavOhP1BPMlvvy5ydXDpKVibYXIu+0wJZYJWL1bGjx41aXCQmNWczWu2Vd8GhAUDxZsG OBOw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@toshibaap.onmicrosoft.com header.s=selector1-toshiba-co-jp header.b=N5CueVsd; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=toshiba.co.jp Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x19si11996730pfh.145.2018.03.07.22.25.18; Wed, 07 Mar 2018 22:25:32 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@toshibaap.onmicrosoft.com header.s=selector1-toshiba-co-jp header.b=N5CueVsd; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=toshiba.co.jp Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S965401AbeCHGXx (ORCPT + 99 others); Thu, 8 Mar 2018 01:23:53 -0500 Received: from mo1502.tsb.2iij.net ([210.149.48.174]:44790 "EHLO mo.tsb.2iij.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S935418AbeCHGXt (ORCPT ); Thu, 8 Mar 2018 01:23:49 -0500 Received: by mo.tsb.2iij.net (tsb-mo1502) id w286NZEQ003304; Thu, 8 Mar 2018 15:23:36 +0900 Received: from unknown [172.27.153.184] (EHLO tsb-mr1500.hop.2iij.net) by mas1506.tsb.2iij.net(mxl_mta-7.2.4-7) with ESMTP id 7e6d0aa5.0.18779.00-695.38008.mas1506.tsb.2iij.net (envelope-from ); Thu, 08 Mar 2018 15:23:36 +0900 (JST) X-MXL-Hash: 5aa0d6e8291b385c-fd8e47f6acc0001c2354f3cc9529c58a67d8ed82 Received: from imx12.toshiba.co.jp (imx12.toshiba.co.jp [61.202.160.132]) by relay.tsb.2iij.net (tsb-mr1500) with ESMTP id w286NYgK014030; Thu, 8 Mar 2018 15:23:35 +0900 Received: from tsbmgw-mgw01.tsbmgw-mgw01.toshiba.co.jp ([133.199.232.103]) by imx12.toshiba.co.jp with ESMTP id w286NYN7000944 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 8 Mar 2018 15:23:34 +0900 (JST) Received: from tsbmgw-mgw01 (localhost [127.0.0.1]) by tsbmgw-mgw01.tsbmgw-mgw01.toshiba.co.jp (8.13.8/8.14.5) with ESMTP id w286NY3h026626; Thu, 8 Mar 2018 15:23:34 +0900 Received: from localhost ([127.0.0.1]) by tsbmgw-mgw01 (JAMES SMTP Server 2.3.1) with SMTP ID 828; Thu, 8 Mar 2018 15:23:34 +0900 (JST) Received: from arc11.toshiba.co.jp ([133.199.90.127]) by tsbmgw-mgw01.tsbmgw-mgw01.toshiba.co.jp (8.13.8/8.14.5) with ESMTP id w286NY13026614; Thu, 8 Mar 2018 15:23:34 +0900 Received: (from root@localhost) by arc11.toshiba.co.jp id w286NYpR018717; Thu, 8 Mar 2018 15:23:34 +0900 (JST) Received: from ovp11.toshiba.co.jp [133.199.90.148] by arc11.toshiba.co.jp with ESMTP id RAA18714; Thu, 8 Mar 2018 15:23:34 +0900 Received: from mx12.toshiba.co.jp (mx12.toshiba.co.jp [133.199.90.142]) by ovp11.toshiba.co.jp with ESMTP id w286NXYi017732; Thu, 8 Mar 2018 15:23:33 +0900 (JST) Received: from tgxml229.toshiba.local by toshiba.co.jp id w286NXEm021139; Thu, 8 Mar 2018 15:23:33 +0900 (JST) Received: from TGXML376.toshiba.local (10.51.120.7) by tgxml229.toshiba.local (133.199.62.20) with Microsoft SMTP Server (TLS) id 14.3.352.0; Thu, 8 Mar 2018 15:23:33 +0900 Received: from TGXML363.toshiba.local (133.199.130.69) by TGXML376.toshiba.local (10.51.120.7) with Microsoft SMTP Server (TLS) id 15.0.1347.2; Thu, 8 Mar 2018 15:23:33 +0900 Received: from JPN01-OS2-obe.outbound.protection.outlook.com (23.103.139.147) by stsap1.toshiba.co.jp (106.186.93.92) with Microsoft SMTP Server (TLS) id 15.0.1347.2; Thu, 8 Mar 2018 15:23:33 +0900 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toshibaap.onmicrosoft.com; s=selector1-toshiba-co-jp; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=+kqmhkOG5OO8C3PxtPaYfnSdgvlMy26h5KzEfHlih8M=; b=N5CueVsdMktxRYwe8lcsJV0WV/+9q2FVsevR8WUf4Ct8UE49SX5xxfphIjUz8sGy/uKD7bolQxVxC5VusOf7Ys6/pyF0ByP+uJfaRcn+UJ3eEsxjygoKwyTbgdI4RMcAkfrhWht6LCTCHWZ63U/VtUBX3iL1FknkhuH1wKDQQUc= Received: from TYXPR01MB1854.jpnprd01.prod.outlook.com (52.133.165.147) by TYXPR01MB0688.jpnprd01.prod.outlook.com (10.168.43.151) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.548.13; Thu, 8 Mar 2018 06:23:31 +0000 Received: from TYXPR01MB1854.jpnprd01.prod.outlook.com ([fe80::ac24:4f62:7706:ea14]) by TYXPR01MB1854.jpnprd01.prod.outlook.com ([fe80::ac24:4f62:7706:ea14%13]) with mapi id 15.20.0548.016; Thu, 8 Mar 2018 06:23:31 +0000 From: To: , CC: , , , Subject: RE: [RFC v2 1/2] WhiteEgret: Add WhiteEgret core functions. Thread-Topic: [RFC v2 1/2] WhiteEgret: Add WhiteEgret core functions. Thread-Index: AQHTssi2YobdO7JaGkut+ZrsdYcRG6PF4vNg Date: Thu, 8 Mar 2018 06:23:31 +0000 Message-ID: References: <20180301073830.2551-1-masanobu2.koike@toshiba.co.jp> <458a466a-78bc-80d4-4d52-64b92d39f416@schaufler-ca.com> <201803031722.EDF21804.QHMOtFJOFFOLSV@I-love.SAKURA.ne.jp> In-Reply-To: <201803031722.EDF21804.QHMOtFJOFFOLSV@I-love.SAKURA.ne.jp> Accept-Language: ja-JP, en-US Content-Language: ja-JP authentication-results: spf=none (sender IP is ) smtp.mailfrom=masanobu2.koike@toshiba.co.jp; x-originating-ip: [103.91.184.160] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1;TYXPR01MB0688;7:DHeUMCkJqTBpzFETlJ3fT+3SPahqgjZczP8SnkBkUwhwlEIAtTqDXTBwvfNe4e2Y2lQlPMQh9zqieP3xrDI98tps8tEUv8DmFhbNlcazqz42xGWS60ZMh3fc6vmNFvLddo4gVcNdIi3m8yxWjKfSr0cOQODrmtiSAiawerqeiPMXN7YfIH/t1IbgATz9hlfEsPK5uk4v7Ya6WulJnEpRUFGzB3Dc0Cn5xBgOpXHVnTS4eQSp31Wp721jWwkGrfqI x-ms-exchange-antispam-srfa-diagnostics: SSOS; x-ms-office365-filtering-correlation-id: 30d83ffa-a46b-4e02-0819-08d584bd1d4e x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:(7020095)(4652020)(5600026)(4604075)(3008032)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020);SRVR:TYXPR01MB0688; x-ms-traffictypediagnostic: TYXPR01MB0688: x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(192374486261705); x-exchange-antispam-report-cfa-test: BCL:0;PCL:0;RULEID:(8211001083)(6040501)(2401047)(5005006)(8121501046)(10201501046)(3231220)(944501244)(52105095)(93006095)(93001095)(3002001)(6041288)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123558120)(20161123562045)(20161123560045)(6072148)(201708071742011);SRVR:TYXPR01MB0688;BCL:0;PCL:0;RULEID:;SRVR:TYXPR01MB0688; x-forefront-prvs: 060503E79B x-forefront-antispam-report: SFV:NSPM;SFS:(10009020)(979002)(39380400002)(346002)(376002)(396003)(366004)(39850400004)(189003)(199004)(59450400001)(2950100002)(102836004)(81156014)(53546011)(6506007)(229853002)(2900100001)(93886005)(110136005)(97736004)(74482002)(186003)(26005)(2501003)(3660700001)(76176011)(478600001)(316002)(8676002)(345774005)(5250100002)(74316002)(105586002)(7736002)(305945005)(68736007)(86362001)(81166006)(25786009)(6116002)(9686003)(8936002)(53936002)(3846002)(6436002)(55016002)(5660300001)(6246003)(4326008)(106356001)(14454004)(3280700002)(99286004)(54906003)(66066001)(7696005)(2906002)(33656002)(969003)(989001)(999001)(1009001)(1019001);DIR:OUT;SFP:1101;SCL:1;SRVR:TYXPR01MB0688;H:TYXPR01MB1854.jpnprd01.prod.outlook.com;FPR:;SPF:None;PTR:InfoNoRecords;MX:1;A:1;LANG:en; received-spf: None (protection.outlook.com: toshiba.co.jp does not designate permitted sender hosts) x-microsoft-antispam-message-info: duRwUCkYwtGBjQArQl5DZfyg0T70G4vmpqO81dwDtuWGOhG5erjI7llu+CoI3cYAF3J/VcaWAoaBe5MRRwAix+0tfth7QKlFITVE6fy3bELebZqBXEQAf9XXVOgyk3Avx5ijKFaibg6O7ehp3hRJU2C1vbWn4djEPaKNP4MIUmuJpKbGiUMm+N3cEGeX98DzP1x2v+uhFwKg+vk6eYSaSCKWDsfwJbBbFqJRbRFPHQdZx7gewAsQLQUhs7jMUFPBMnOWiXB5TTMup9FR+MmCyK3X0DwD0d5PQH+ir/WO8Q+ZnB149NbwISg0OJDSr0026MgZeAjVbTxjvZy+imgxyQ== spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: text/plain; charset="iso-2022-jp" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: 30d83ffa-a46b-4e02-0819-08d584bd1d4e X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Mar 2018 06:23:31.7506 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: f109924e-fb71-4ba0-b2cc-65dcdf6fbe4f X-MS-Exchange-Transport-CrossTenantHeadersStamped: TYXPR01MB0688 MSSCP.TransferMailToMossAgent: 103 X-OriginatorOrg: toshiba.co.jp X-MAIL-FROM: X-SOURCE-IP: [172.27.153.184] X-Spam: exempt Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Saturday, March 03, 2018 5:22 PM, Tetsuo Handa wrote: > Masanobu Koike wrote: > > On Friday, March 02, 2018 12:43 AM, Casey Schaufler wrote: > > > On 2/28/2018 11:38 PM, Masanobu Koike wrote: > > > > @@ -264,6 +266,9 @@ choice > > > > config DEFAULT_SECURITY_APPARMOR > > > > bool "AppArmor" if SECURITY_APPARMOR=3Dy > > > > > > > > + config DEFAULT_SECURITY_WHITEEGRET > > > > + bool "WhiteEgret" if SECURITY_WHITEEGRET=3Dy > > > > + > > > > > > I don't see this module using any security blobs. Is there > > > a reason you're not making this a minor (like yama) module > > > instead of a major (like AppArmor) module? > > > > Thank you for your suggestion. > > We are now developing WhiteEgret on the environment > > it works certainly. > > >=20 > ??? What Casey suggested is effectively >=20 > ---------- > --- a/security/whiteegret/init.c > +++ b/security/whiteegret/init.c > @@ -48,9 +48,6 @@ static int __init we_init(void) > { > int rc; >=20 > - if (!security_module_enable("whiteegret")) > - return 0; > - > security_add_hooks(we_hooks, ARRAY_SIZE(we_hooks), > "whiteegret"); >=20 > rc =3D we_specific_init(); > ---------- >=20 > , isn't it? Unlike Yama, adding whiteegret_add_hooks() to security_init() > is not useful, for security_init() is called too early to create security= fs > entries for WhiteEgret. >=20 > Current version uses security=3D parameter as a switch for enabling/disab= ling > WhiteEgret, doesn't it? If WhiteEgret does not use security=3D as a switc= h, > is some other switch (e.g. __setup()) expected? Sorry for the delay. Thank you for your comment and suggestion. I'll make this module a minor one in the next version. Masanobu Koike