Received: by 10.192.165.156 with SMTP id m28csp1444468imm; Wed, 11 Apr 2018 20:01:28 -0700 (PDT) X-Google-Smtp-Source: AIpwx48G4RpeEGRVaPj471/sN0f/c4TDo/g0q/AnIUbLrGIjdb059V731ExEa8Cg1tnC0/5U915J X-Received: by 10.99.97.139 with SMTP id v133mr179841pgb.285.1523502088049; Wed, 11 Apr 2018 20:01:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1523502088; cv=none; d=google.com; s=arc-20160816; b=bIY7BCCQzuO8htGmZ9DjqpU5M+dVUSQSR2MK/zhJ43twtn/XgfoCKW5qKc3gU+d2nl UrPf32B52UIKHTxqR6BTSbA+sS1/cjpOAJNGCMgRrl/9ZkUVTx38FU64m2vBLKbdu8GT bgvyYWujUcpgECLW3P05Vn1sBMlB0ORddQt0hstyyapMzvdRhMN15dIZIvjQvuPzAIqy StOhTl/F6zqcGikv0F6mruyfucKOMZ0rQIZyHYDHEDkF6nEPn/CyCE3P8Yo7S8P668Zj HESrcUaim0vVuG+pJAvbIBgN8eKkkuUeYv0CyZQfFDbH/cbeeyUUyI++cOgvSNpxbo6V cPQw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=pNvjYkkPnQsXheF/2pGyVzIEY/6mO6mFP37xQssm6V0=; b=ZAva/pHcR/3fZvwkFkxPCBrR8sQ+vYkvI5EOZXwP/sejKxJuys4qxmPIH8ypfat4Sm YCHZ6i/3NhS0IEULNQkfsdjSBBpDbtCuSp8B7gvnfzn/PQPTtqeHu2gbGzGk8DpJGI/A iAASRYjxqjSt7oFDOd6D8W+Zr7Mb+XWfO5a9fgNMukoWOVNfG1nJ2SOOjBvJsXRT/x18 VRMRRQuE7mx80UDLJdxet6UFnl7zEvYwZUqX6q1C++xX0rAv2Fs4n1v56pFIOEILh/k8 duZ+koXOJSmck5Krt42+/kwKUQkRJQjk3XVC8MJpqlpl5zL+0nOEs/jsy9UqSfN+qJZL 0+3A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=lxGYJLc+; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x15-v6si2082512pln.479.2018.04.11.20.00.51; Wed, 11 Apr 2018 20:01:28 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=lxGYJLc+; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752475AbeDLC5f (ORCPT + 99 others); Wed, 11 Apr 2018 22:57:35 -0400 Received: from mail-it0-f46.google.com ([209.85.214.46]:39284 "EHLO mail-it0-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752284AbeDLC5d (ORCPT ); Wed, 11 Apr 2018 22:57:33 -0400 Received: by mail-it0-f46.google.com with SMTP id e98-v6so5221649itd.4 for ; Wed, 11 Apr 2018 19:57:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amacapital-net.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=pNvjYkkPnQsXheF/2pGyVzIEY/6mO6mFP37xQssm6V0=; b=lxGYJLc+jdqSBDqbbPqHWJhmSoQSf4FoDn8uZKjyxqnxAzqQMK1ZAymjx3+OZRMV/j 8ihRFgoAOXb27SlaDbN7N7HmvYQDV6XlMTezVwz1zdxee5I/WapU50DuXXDu5HRS7rDG +vZQZpAcDVlw2VP1yZnAl9wPxkKckMBl6b4huEQwyPILS7iVXBIjpG96/mo3S8yFMfNT PRVw8eQVndP+Lwo2ixNs/zcnDGGuMNCWHCvEgfroL8LrwcXhmxPGkWZvhbrbFNcXC/wr wqxKP5mfYQNh1mlB5jyenltQN3IXdr7rcGObr/PWjOC1amnQdXmB/50vNBKupk7hrObK uTDg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=pNvjYkkPnQsXheF/2pGyVzIEY/6mO6mFP37xQssm6V0=; b=UOFK2jFP+ACjGmw9qw0iBvkTnQajF9TkcGUyZom2bVF2mKbq9DpGIGTRLIZg45GB2J BcappnR+svi5Q7jUwZFOeL6jZEaIDZuSU1I2NJ7jWG+RyVKIIFUHK0yiH+a3mgo4z7eV tcSyNONbeoWEZYVrk+qBssbJYsGD4mBVvRV7Npv1OPZjlNISEgKXURNlk/Gm5HPAbjRs sClOtwxb/kkFoUm/hOqF4FrL8QCyytTshpqHP+Ip8UC7hQfTtUrzCcAU8cEKk4qk2/2W iS0mhkf1mRLNq5ba4IhdWpxEBjA4Lrod/ad95BWZbI58iOXZi80XnVc0MXPOto/NKt8u Y4xQ== X-Gm-Message-State: ALQs6tBOnjvvogl2o0kK6VyzZIKJZaflmMhi4OBc0M/GLZw4tENeaTlJ upKZkM0xGKXoYOe2gNF0ahMI1qL7GyFu35nutCevnw== X-Received: by 2002:a24:530f:: with SMTP id n15-v6mr6399721itb.123.1523501852799; Wed, 11 Apr 2018 19:57:32 -0700 (PDT) MIME-Version: 1.0 Received: by 10.2.137.70 with HTTP; Wed, 11 Apr 2018 19:57:12 -0700 (PDT) In-Reply-To: <152346388583.4030.15146667041427303547.stgit@warthog.procyon.org.uk> References: <152346387861.4030.4408662483445703127.stgit@warthog.procyon.org.uk> <152346388583.4030.15146667041427303547.stgit@warthog.procyon.org.uk> From: Andy Lutomirski Date: Wed, 11 Apr 2018 19:57:12 -0700 Message-ID: Subject: Re: [PATCH 01/24] Add the ability to lock down access to the running kernel image To: David Howells Cc: Linus Torvalds , linux-man , Linux API , James Morris , LKML , LSM List Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Apr 11, 2018 at 9:24 AM, David Howells wrote: > > (*) CONFIG_LOCK_DOWN_KERNEL > > This makes lockdown available and applies it to all the points that > need to be locked down if the mode is set. Lockdown mode can be > enabled by providing: > > lockdown=1 By doing this, you are basically committing to making the protect-kernel-integrity vs protect-kernel-secrecy split be a second-class citizen if it gets added. How about lockdown=integrity_and_secrecy or lockdown=2 if you feel like using numbers?