Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp37143imm; Mon, 4 Jun 2018 12:34:06 -0700 (PDT) X-Google-Smtp-Source: ADUXVKKQqiKUX56dOSgNtfyAWWNqdudfj44t+f7LZ12uaMQpjG8/sW7whbU+9bHfuPrfnr7pIrKS X-Received: by 2002:a17:902:284b:: with SMTP id e69-v6mr22530118plb.240.1528140846316; Mon, 04 Jun 2018 12:34:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528140846; cv=none; d=google.com; s=arc-20160816; b=GMFWBT15D2bpqVd0gOpg3zuXX+JEcvRWVegQWWKKpmXjgu/kUSBKHtkJBbtVWGMhF5 XMJPBNSr/DjnAsqa0t8ZXefjogROzTuNJDOgILcRD0VoZSStaiQPleW+YUHY2EyRihl1 sxtg9b1rHX03eZQMaz86wuYg9I7FjEfAYTBaapXnJ8n3ey2060HY9agAPzMefNxuVcyO bO4KyYwlaVyoJcazThd0dZUkipsCxIfQWhLuEFsmWDDZzgm1g1PwsqduF9Cj+tmb5V+R HARp+3CBoRDFy/JYPdGyQ9kvQLPml/4E+3TgUiXHYIG6QWqS9BEtwFglV5nm/mqlcAB/ KJlg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:message-id:subject:cc:to:from:date :arc-authentication-results; bh=YD7WlL/zRUUTr8eDZ+7CS7EPNosDop8N4gF+fyA9c20=; b=l272+ksH2/TjKCo8aYvuNCWGwy6dEFtPOmfrFiMsS2SdB0Clu8QMPqaIEj2BiycKcD H2oHWoMTJq/+M8gC/9rSljVmD8ZRukID+CXWibrd381DIcJSNg3ni7NSQw5HYA0GyaJz fO4wrs2P3Xmj0BU3oGT0GqUvSYvyjyOBW6GEssaDYKVAr1VsM7cxVB6w8mQhBt5V5zgp 9h/1IvUMDRUuj/B76T2xoO+3uCDuOezCTZyF6gFv7yPFcVmzoxdSRoDebd6LtIQKN/fC GM/w9PBL8a7m1l7EUYqjmfPz/jnp88QF3jSEZ2NA/O2svhTclci3ZQoE4I7HAT/+hi6Z BR/w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h21-v6si4222246plr.369.2018.06.04.12.33.51; Mon, 04 Jun 2018 12:34:06 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751341AbeFDTcT (ORCPT + 99 others); Mon, 4 Jun 2018 15:32:19 -0400 Received: from h2.hallyn.com ([78.46.35.8]:55740 "EHLO mail.hallyn.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750915AbeFDTcR (ORCPT ); Mon, 4 Jun 2018 15:32:17 -0400 Received: by mail.hallyn.com (Postfix, from userid 1001) id BF876120463; Mon, 4 Jun 2018 14:32:15 -0500 (CDT) Date: Mon, 4 Jun 2018 14:32:15 -0500 From: "Serge E. Hallyn" To: Mimi Zohar Cc: Casey Schaufler , James Morris , Kees Cook , Paul Moore , "Serge E. Hallyn" , linux-integrity , linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, David Howells , "Luis R . Rodriguez" , Eric Biederman , kexec@lists.infradead.org, Andres Rodriguez , Greg Kroah-Hartman , Ard Biesheuvel , Jessica Yu Subject: Re: [PATCH v4 0/8] kexec/firmware: support system wide policy requiring signatures Message-ID: <20180604193215.GA13553@mail.hallyn.com> References: <1527616920-5415-1-git-send-email-zohar@linux.vnet.ibm.com> <1528121025.3237.116.camel@linux.vnet.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <1528121025.3237.116.camel@linux.vnet.ibm.com> User-Agent: Mutt/1.5.21 (2010-09-15) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Quoting Mimi Zohar (zohar@linux.vnet.ibm.com): > On Tue, 2018-05-29 at 14:01 -0400, Mimi Zohar wrote: > > Instead of adding the security_kernel_read_file LSM hook - or defining a > > wrapper for security_kernel_read_file LSM hook and adding it, or > > renaming the existing hook to security_kernel_read_data() and adding it > > - in places where the kernel isn't reading a file, this version of the > > patch set defines a new LSM hook named security_kernel_load_data(). > > > > The new LSM hook does not replace the existing security_kernel_read_file > > LSM hook, which is still needed, but defines a new LSM hook allowing > > LSMs and IMA-appraisal the opportunity to fail loading userspace > > provided file/data. > > > > The only difference between the two LSM hooks is the LSM hook name and a > > file descriptor. Whether this is cause enough for requiring a new LSM > > hook, is left to the security community. > > Paul does not have a preference as to adding a new LSM hook or calling > the existing hook. ?Either way is fine, as long as both the new and > existing hooks call the existing function. > > Casey didn't like the idea of a wrapper. > James suggested renaming the LSM hook. > > The maintainers for the callers of the LSM hook prefer a meaningful > LSM hook name. ?The "null" argument is not as much of a concern. ?Only > Eric seems to be asking for a separate, new LSM hook, without the > "null" argument. > > Unless someone really objects, to accommodate Eric we'll define a new > LSM hook named security_kernel_load_data. ?Eric, are you planning on I'm confused - isn't that what this patchset did? :) > Ack'ing patches 1 & 2? > > Mimi