Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp185960imm; Tue, 14 Aug 2018 16:52:06 -0700 (PDT) X-Google-Smtp-Source: AA+uWPy8t5+zPlBOM+73rgTeuiH3pn996DX7Xzu0POqLa/edMyj47H9AyMwqO8XkWLbGNHLtztoF X-Received: by 2002:a17:902:76c5:: with SMTP id j5-v6mr22082337plt.296.1534290726502; Tue, 14 Aug 2018 16:52:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1534290726; cv=none; d=google.com; s=arc-20160816; b=HYheTJE/hfJ2/NRE6s9CaanZ9Ni8aU2lj1oL94NpufImcw8/n3p/eF55LNUlcLpGJH Lvcq+MQBYNOD3ARo1m6yPV+RK+PVMXWli25w+e20SHEQ6SVY2ofIUyGsESiPWr447iqO o/8QlTPa24ICW9fhzmVlza8G9IPZptYqzZJbZMgV3c2z3LK0GnshosRZrEmHdyK3YTbz 1qScP1jBCvGHZewftCq+x2xAmS8bfSMlLqhStdEHpT1vBAqHBYd7PBh5crWCAgoE7Ne0 M5NrnNLc6LXaOqhX9qTxYEG8C2YQSTdyUziTXXR1x0zMsFwvX0xrc9nUZNIS68qSt6Ff P7PQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-language :content-transfer-encoding:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature :arc-authentication-results; bh=Q5ueiMz8B20u2Ep3Bb8PK52De67dhT4pLva/afp2GIs=; b=HVbEZuYFtGFZ5mRmpzUScywGAUwP1muZ21Lu0ke0IGZj6EzP3Z1wOqTFz9Acva9HtS Xk1SYr1vFsFNz69aajqZLwp/gU0RMxqfYP6EJw7vMuRvsHxAKNmWt/XczY8TN2nNu7FX vdOoehLzGq3qipnYzn9dMQcljgql1jbbkl2mYU1CNCsye/US1CWx4+Im1TyZUmAseEHR Qjilr8jkRG/44QOMVNMY+wQnASeZFe1iOEpthL2mU8tnRdD/UpKo+h+aD2KKq1KeBeY7 kFX3z9D2ZD4AMNIsGrJDrckLpegWg2Xop77nFymfxIdlfgB7PGtMWwTQGGIEzhaW0MAX gkeA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@yahoo.com header.s=s2048 header.b=NwYADPIr; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id q10-v6si19144372pge.674.2018.08.14.16.51.51; Tue, 14 Aug 2018 16:52:06 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@yahoo.com header.s=s2048 header.b=NwYADPIr; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728199AbeHOCju (ORCPT + 99 others); Tue, 14 Aug 2018 22:39:50 -0400 Received: from sonic303-29.consmr.mail.gq1.yahoo.com ([98.137.64.210]:35767 "EHLO sonic303-29.consmr.mail.gq1.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727854AbeHOCju (ORCPT ); Tue, 14 Aug 2018 22:39:50 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1534290616; bh=Q5ueiMz8B20u2Ep3Bb8PK52De67dhT4pLva/afp2GIs=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From:Subject; b=NwYADPIrb40i3Wl1OzYqXHb7FXfDKCi2KX1G6eb6H1Kgl9JyqWknfqXvSA6K/6IQ+7vcmJAA1T0Vso9PXeBlzMB1mT5Pavmvz5eHXRgvXSfUgpXHfWChgf31Mje1o4MO6DWgS5Gf1oTrHBhVlPgpStH9W68L8b4g0JDrc6TNRGWPRlRmIljR30Gj7bpZs9i8qRu+TVGGJnLA1v+pZR+PjLJmZ/o6RVIC/gOVkJI1Hl/w+Sf4F2vEVR6OaD8Ea1wBQnPj+x/founQSOmhCFAOpySAyr30WnsrpLU0tLWfCx9pcWbN9AB5S2giNr9XrU8atPNfp4g0s6G8P0griE2d2A== X-YMail-OSG: lkeuAUoVM1lw.oZzTtX7r2bZszenz6AswDKbEE2A4ffUXkSJsYUJOUUJMKE0WFo LMLFbVWR50oRVzEi8agqw4_VhSz9Xrt_VFY4Hxmkoi9Ah1OAuYHbK.WzV4cBryATQFGhMki_zHPG 5KOsvZv1tB5lnRKFCgNTmXiE2v8INGkMW9vuoc4OyoiwTsicGyETv7Zqim1LogYxAsyKY4V_AwWI JCsMv4oFRdk6Ylh66sFxl3jQHxEjm32n79Rt4Csn6ILVqNoZXqWtlq7B2ig7QdAWWennwMvUA15n 4DNdQUzJ7dwALtu7Rt.RiT4LCReLpJmVSse_ftThT2sBekd1nOqryI1Ngy.E0JnnFxBIeaCuor5i t9nlfgcjZEBZIJr3qBq92l_lt7pSyVqSl_KaBWSnn.xcfmPPsPWncp5EJGA1gRoIVtCB6Ue26Mvp 1ZSAU6HKoEcLrRq2HRpinI4mElq1f7FE1hduItCiKzF_oMjyt5raEcg2RrYzdqmHBgseIxrOGlhB 8SM_iKSsmxYHaH6OR.YUVEZl.JPdYitTyab4pvPCipKB1C8oXYVfFgbWF16OsJK1yb00fd0htCxG ij5eXHwY_JRSCh08MPEe6crBcTxQ7WqsKUE6OnrKV2EuFyoy5lMhMoFcp3KwgKYBgZR7RAOiMRjc ugl2SIUuZUlqPaz3MRuwcBT6lMb4UiiaCkLtQW42fOy1QQVcEjy0G8WsGXGVOd5HLKkUIk65bGYP XcsOXB56hB_euJ1eBm_YOm4p_XXsFZ8YfI7VCoP.KtL_y_rY5dlV38QrAH8a2VHrSoDpAuiy2Uvx Pt5QCUiKNnv83kw.GWgt1Fqp3absQ_9TqxmGdfvNaZtvYqFOHv4yj090lFnklQsS8j40jE7xwytR Ex8rt9ASmDbIqCR6O1N4pKVtSGtyTz38DlBUjEeCYo8sh_MKN_3PdWb2kqo.Q0SDlH41MMbmwrd5 tUfE62fZGq8fLzUgEKMED86sv4Idl2QsdfUq_H.10J.DR0OI9aC9zkTfHojvmR_HlPhi60qBvLiD UMuNRfs3ZEJx1P0fDCZvGGWpxs2z6hA-- Received: from sonic.gate.mail.ne1.yahoo.com by sonic303.consmr.mail.gq1.yahoo.com with HTTP; Tue, 14 Aug 2018 23:50:16 +0000 Received: from c-67-169-65-224.hsd1.ca.comcast.net (EHLO [192.168.0.102]) ([67.169.65.224]) by smtp427.mail.gq1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 254696bb2964527cfb3116650c9b2a8a; Tue, 14 Aug 2018 23:50:13 +0000 (UTC) Subject: Re: [PATCH v1 00/22] LSM: Full security module stacking To: Jordan Glover Cc: Sargun Dhillon , LSM , LKLM , Paul Moore , Stephen Smalley , SE Linux , "SMACK-discuss@lists.01.org" , John Johansen , Kees Cook , Tetsuo Handa , James Morris , "Schaufler, Casey" , Casey Schaufler References: <8a325db8-e7eb-9581-2b77-fc987a165df7@schaufler-ca.com> From: Casey Schaufler Message-ID: <8e2bdc10-3142-9e8d-ff05-70fa4d862dd5@schaufler-ca.com> Date: Tue, 14 Aug 2018 16:50:11 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Content-Language: en-US Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 8/14/2018 4:22 PM, Jordan Glover wrote: > On August 14, 2018 8:28 PM, Casey Schaufler wrote: > >> >>>> The blob management part (through "LSM: Sharing of security blobs") >>>> is ready for prime-time. These changes move the management of >>>> security blobs out of the security modules and into the security >>>> module infrastructure. With this change the proposed S.A.R.A, >>>> LandLock and PTAGS security modules could co-exist with any of >>>> the existing "major" security modules. The changes reduce some >>>> code duplication. >>>> Beyond the blob management there's a bit of clean-up. >>>> Mounting filesystems had to be changed so that options >>>> a security module doesn't recognize won't be considered >>>> a fatal error. The mount infrastructure is somewhat >>>> more complex than one might assume. >>> Casey, >>> Do you think you can break out 1 into its own patch? It seems like >>> that'd be valuable to everyone. >> Yes, I think that is a good idea. Landlock, S.A.R.A. and a couple >> other security modules could be added upstream if this part of the >> work was available. It would not provide everything needed to stack >> all the existing modules. I believe there is concern that if this >> much went upstream the work on finishing what's required to make >> everything work might be abandoned. >> > On the other hand there is concern that those security modules might > be abandoned if they have to wait until everything is finished :) There is some truth to that. If we can get commitment from the developers of those security module to push for getting upstream, a statement of intent to support additional modules (e.g. Landlock, S.A.R.A.) from a significant distribution (e.g. Fedora, Ubuntu, SuSE) and ACKs from the maintainers of the existing modules we should be able to breeze right in. Yeah, I think that's about all it would take.