Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp54732imm; Mon, 4 Jun 2018 12:54:36 -0700 (PDT) X-Google-Smtp-Source: ADUXVKK1DmJl/4yqsV54rCMkqthXMRoxt03xNJzr1+MdTj4sY9IeE8q+4x1R70JN5DIHEblJC4Q5 X-Received: by 2002:a17:902:900a:: with SMTP id a10-v6mr5026102plp.41.1528142076728; Mon, 04 Jun 2018 12:54:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528142076; cv=none; d=google.com; s=arc-20160816; b=SRJfmIkKoZRfUBiGcxSAEWejjOwDRd+DVlbNQWg381QckUXmqQJMT4lE3lRzV2kweF vqaxii6tml0tkYkAQOTTEENYoIWxLMJkz0CFaFroSsH0jPp/xDIN4PXlnpj7x0oFkvbm Rb0OwDRezSGTKwa8RMHJjoimIC4WhDfarvsOhVHSmCZg7ClUOyVryYYFb++lF/yC4fgC oIsEFDDsr84FJ43ZR+OlIqtUP8NNB6I7eQZGU+a5Dv0+zVbAUPBzZyYP8uSiTOPinw0b 2KcYPcTlO4gQATibVulFFQBppEidOCbP2xj0ywrxpwDxg/z2DJSVcl6bMRJkGlt6I+Hw yO0A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:content-transfer-encoding :mime-version:references:in-reply-to:date:cc:to:from:subject :arc-authentication-results; bh=kXuk44RGjU9IEsGOJ5JaZO29Il02b++k3UOaVznj/IA=; b=eoHtoXYIOFCLoio4t5Q2KlB/tnzsapP23cWNRiyPUQrquRAb3mH8rHEkgH1+kzQuOB gxFfxl3O1so924nHBpreKza4noJdWens6b4YD9fwiRuaiHBKxbL2aCN6ecXV8ikZFeQd gwAYr+Svv2iOBpziL0lmuFTEab26gpSADzoJYubErUy04WEpe9yyZy1EJfyiWJki1yYF uuCk5SnF4LzGesMjewY7t4n0i+k3YO58wfgAfqSm7H2/jrzQ4niZXYFc4iZOFfUQyMw5 +Lxz31MoV4Wl4xWSYxeQEa1WWgFxM/KDJDsWSdSyAuZSoxowSzGHJ2xxbOAUThGF8O+t dJ2g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n34-v6si46576345pld.91.2018.06.04.12.54.20; Mon, 04 Jun 2018 12:54:36 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751194AbeFDTx4 (ORCPT + 99 others); Mon, 4 Jun 2018 15:53:56 -0400 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:48682 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751091AbeFDTxw (ORCPT ); Mon, 4 Jun 2018 15:53:52 -0400 Received: from pps.filterd (m0098414.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w54Jo6M6116413 for ; Mon, 4 Jun 2018 15:53:52 -0400 Received: from e06smtp01.uk.ibm.com (e06smtp01.uk.ibm.com [195.75.94.97]) by mx0b-001b2d01.pphosted.com with ESMTP id 2jd89jhry3-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 04 Jun 2018 15:53:51 -0400 Received: from localhost by e06smtp01.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Mon, 4 Jun 2018 20:53:49 +0100 Received: from b06cxnps4075.portsmouth.uk.ibm.com (9.149.109.197) by e06smtp01.uk.ibm.com (192.168.101.131) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Mon, 4 Jun 2018 20:53:44 +0100 Received: from d06av25.portsmouth.uk.ibm.com (d06av25.portsmouth.uk.ibm.com [9.149.105.61]) by b06cxnps4075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id w54Jrhie29360342 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Mon, 4 Jun 2018 19:53:43 GMT Received: from d06av25.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 7CAA411C058; Mon, 4 Jun 2018 20:44:31 +0100 (BST) Received: from d06av25.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 8323C11C050; Mon, 4 Jun 2018 20:44:29 +0100 (BST) Received: from dhcp-9-2-55-88.watson.ibm.com (unknown [9.2.55.88]) by d06av25.portsmouth.uk.ibm.com (Postfix) with ESMTP; Mon, 4 Jun 2018 20:44:29 +0100 (BST) Subject: Re: [PATCH v4 0/8] kexec/firmware: support system wide policy requiring signatures From: Mimi Zohar To: "Serge E. Hallyn" Cc: Casey Schaufler , James Morris , Kees Cook , Paul Moore , linux-integrity , linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, David Howells , "Luis R . Rodriguez" , Eric Biederman , kexec@lists.infradead.org, Andres Rodriguez , Greg Kroah-Hartman , Ard Biesheuvel , Jessica Yu Date: Mon, 04 Jun 2018 15:53:40 -0400 In-Reply-To: <20180604193215.GA13553@mail.hallyn.com> References: <1527616920-5415-1-git-send-email-zohar@linux.vnet.ibm.com> <1528121025.3237.116.camel@linux.vnet.ibm.com> <20180604193215.GA13553@mail.hallyn.com> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.20.5 (3.20.5-1.fc24) Mime-Version: 1.0 Content-Transfer-Encoding: 8bit X-TM-AS-GCONF: 00 x-cbid: 18060419-4275-0000-0000-0000028A103E X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 18060419-4276-0000-0000-0000379110B7 Message-Id: <1528142020.3237.138.camel@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2018-06-04_14:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=15 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1805220000 definitions=main-1806040228 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 2018-06-04 at 14:32 -0500, Serge E. Hallyn wrote: > Quoting Mimi Zohar (zohar@linux.vnet.ibm.com): > > On Tue, 2018-05-29 at 14:01 -0400, Mimi Zohar wrote: > > > Instead of adding the security_kernel_read_file LSM hook - or defining a > > > wrapper for security_kernel_read_file LSM hook and adding it, or > > > renaming the existing hook to security_kernel_read_data() and adding it > > > - in places where the kernel isn't reading a file, this version of the > > > patch set defines a new LSM hook named security_kernel_load_data(). > > > > > > The new LSM hook does not replace the existing security_kernel_read_file > > > LSM hook, which is still needed, but defines a new LSM hook allowing > > > LSMs and IMA-appraisal the opportunity to fail loading userspace > > > provided file/data. > > > > > > The only difference between the two LSM hooks is the LSM hook name and a > > > file descriptor. Whether this is cause enough for requiring a new LSM > > > hook, is left to the security community. > > > > Paul does not have a preference as to adding a new LSM hook or calling > > the existing hook.  Either way is fine, as long as both the new and > > existing hooks call the existing function. > > > > Casey didn't like the idea of a wrapper. > > James suggested renaming the LSM hook. > > > > The maintainers for the callers of the LSM hook prefer a meaningful > > LSM hook name.  The "null" argument is not as much of a concern.  Only > > Eric seems to be asking for a separate, new LSM hook, without the > > "null" argument. > > > > Unless someone really objects, to accommodate Eric we'll define a new > > LSM hook named security_kernel_load_data.  Eric, are you planning on > > I'm confused - isn't that what this patchset did? :) Right.  I'm trying to get consensus whether it is needed. > > > Ack'ing patches 1 & 2? > > > > Mimi > -- > To unsubscribe from this list: send the line "unsubscribe linux-security-module" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html >