Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp1468432imm;
        Wed, 15 Aug 2018 19:01:21 -0700 (PDT)
X-Google-Smtp-Source: AA+uWPyRG62r6gXBgsAOad3RU2fOlfV6JMcCmqUcSkBHuBmnzWkAjJ/+iu9KHcv48I+981tXb1mb
X-Received: by 2002:a63:63c3:: with SMTP id x186-v6mr518314pgb.173.1534384880954;
        Wed, 15 Aug 2018 19:01:20 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1534384880; cv=none;
        d=google.com; s=arc-20160816;
        b=k2i+RkE/a7Y2AyJCeYAKBFoaxawuSXshbYtrHm9lTKApbumxc54d/jfBjj1pzSkZZ4
         6x72h04++Tepvp8F3z5n+xunwFqQF5mkadsgCVVg6mZ2dXpVMsA4obo7HEEel46QS5in
         FzJPCh3gUFk1liydvduyLFVMo3doxGsvsWlCYmxumeLxtDsthpDKeOak+Wi5uG1WMaG8
         npj8x0WAgNFDuPU4QH/4SAd/knIHmnfGIB0hL30XFhwUA3cYUCB0knn0Afc4TfuVJZvv
         ALFJJ31fKHo5VaBpHRorSFIBfMY2uQLO7SOhLpjraaI6fx3V26l6D4qfQWcut7QRM07Q
         aDmw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:message-id:date:subject:to:from
         :arc-authentication-results;
        bh=4s8H5NoCSshtXDWEqzHFr19GEHH93S/eGb9n74YW20Y=;
        b=JE41oub8nenyPvDAuQBBMk+guccoQkt2p/C1kfWwzbM6smRq5LR99lAVfGJIEiUF2s
         eBlRKgsqPKQZv2IhNMYJaic8QxxQOzpXCBEZH4vmwUwkZuUzOD538Sx1JRbx35uQaKRG
         FGb8O+0PvdWuuHNrdSwVOnL7MHhFFWYUS1ZE+Ls8K8KbUyZAjB609nHehaqPiftD/pKB
         3hDXgYJUuNe8j+gAavIspqmHdt9PhksqU8OrPC9kTHsoanQ9f0tSxvhOyW2hvFpFti79
         X5TELeFHyPw/LaDZcpgHM6oGcFs8bbtCo7ruj25M4valr/OFlAqIzLpjqGVbZwQu6ruG
         b4cA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id d32-v6si20237506pla.93.2018.08.15.19.00.51;
        Wed, 15 Aug 2018 19:01:20 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1731180AbeHPCs1 (ORCPT <rfc822;gyapra2016@gmail.com>
        + 99 others); Wed, 15 Aug 2018 22:48:27 -0400
Received: from mga09.intel.com ([134.134.136.24]:61123 "EHLO mga09.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1728014AbeHPCs1 (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 15 Aug 2018 22:48:27 -0400
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga003.jf.intel.com ([10.7.209.27])
  by orsmga102.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 15 Aug 2018 16:53:56 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.53,245,1531810800"; 
   d="scan'208";a="75694058"
Received: from cschaufl-mobl.amr.corp.intel.com ([10.252.130.105])
  by orsmga003.jf.intel.com with ESMTP; 15 Aug 2018 16:53:56 -0700
From:   Casey Schaufler <casey.schaufler@intel.com>
To:     kernel-hardening@lists.openwall.com, linux-kernel@vger.kernel.org,
        linux-security-module@vger.kernel.org, selinux@tycho.nsa.gov,
        SMACK-discuss@lists.01.org, casey.schaufler@intel.com,
        dave.hansen@intel.com, deneen.t.dock@intel.com,
        kristen@linux.intel.com, arjan@linux.intel.com
Subject: [PATCH RFC 0/5] LSM: Add and use a hook for side-channel safety checks
Date:   Wed, 15 Aug 2018 16:53:50 -0700
Message-Id: <20180815235355.14908-1-casey.schaufler@intel.com>
X-Mailer: git-send-email 2.17.0
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

This patchset provide a mechanism by which a security module
can advise the system about potential side-channel vulnerabilities.
If security_task_safe_sidechannel() returns 0 the security modules do
not know of any data that would be subject to a side-channel
attack. If the security module maintains data that it believes
may be susceptible to a side-channel attack it will return -EACCES.

Simple hooks are provided for SELinux and Smack. A new security
module is provided to make determinations regarding traditional
task attributes, including user IDs, capability sets and namespaces.

Signed-off-by: Casey Schaufler <casey.schaufler@intel.com>

---
 MAINTAINERS                        |   6 ++
 arch/x86/mm/tlb.c                  |  12 ++-
 include/linux/lsm_hooks.h          |  12 +++
 include/linux/security.h           |   1 +
 security/Kconfig                   |   1 +
 security/Makefile                  |   2 +
 security/security.c                |   6 ++
 security/selinux/hooks.c           |   9 +++
 security/sidechannel/Kconfig       |  60 ++++++++++++++
 security/sidechannel/Makefile      |   1 +
 security/sidechannel/sidechannel.c | 156 +++++++++++++++++++++++++++++++++++++
 security/smack/smack_lsm.c         |  18 +++++
 12 files changed, 280 insertions(+), 4 deletions(-)