Subject: Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock
To: Kees Cook
Cc: Paul Moore, linux-security-module, James Morris, LKML, SE Linux, John Johansen, Tetsuo Handa, Stephen Smalley, "linux-fsdevel@vger.kernel.org", Alexey Dobriyan, "Schaufler, Casey"
References: <99cb1ae7-8881-eb9a-a8cb-a787abe454e1@schaufler-ca.com>
From: Casey Schaufler
Message-ID: <5b983bba-049c-795a-3354-a2e8ab33cecf@schaufler-ca.com>
Date: Thu, 13 Sep 2018 17:08:41 -0700
X-Mailing-List: linux-kernel@vger.kernel.org

On 9/13/2018 4:57 PM, Kees Cook wrote:
> On Thu, Sep 13, 2018 at 4:51 PM, Casey Schaufler wrote:
>> On 9/13/2018 4:06 PM, Kees Cook wrote:
>>> - what order should any stacking happen? Makefile? security=?
>> Makefile by default.
> Okay, if ordering is by Makefile and everyone dislikes my
> $lsm.enabled=0/1 thing, then these mean the same thing:
>
> security=selinux,tomoyo
> security=tomoyo,selinux
>
> i.e. order of security= is _ignored_ in favor of the Makefile ordering.

No, I think that the two lines above should have a different
execution order. If we really need to specify multiple modules
at boot time that is what makes the most sense. It's a matter
of mechanics and probably another pass during the init process,
but it's doable. If we determine it's necessary for this stage
it is just work.
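
A user-space model of the two ordering policies debated in this message, added here as an illustration; it is not code from the patch series or from the kernel. The builtin_order table (a constructed Makefile order) and the names find_builtin and lsm_order are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the Makefile (link) order of built-in LSMs. */
static const char *builtin_order[] = { "selinux", "smack", "tomoyo", "apparmor" };
#define NBUILTIN (sizeof(builtin_order) / sizeof(builtin_order[0]))

/* Index of the built-in whose name equals the len-byte token, or -1. */
static int find_builtin(const char *tok, size_t len)
{
    for (size_t i = 0; i < NBUILTIN; i++)
        if (strlen(builtin_order[i]) == len && !strncmp(tok, builtin_order[i], len))
            return (int)i;
    return -1;
}

/* Hypothetical resolution of a security= list into an execution order.
 * by_cmdline == 0: the list only selects modules, Makefile order decides.
 * by_cmdline == 1: an extra pass honours the left-to-right list order. */
size_t lsm_order(const char *list, int by_cmdline, const char **out)
{
    int picked[NBUILTIN] = {0};
    size_t k = 0;
    for (const char *p = list; *p; p += (*p == ',')) {
        size_t len = strcspn(p, ",");
        int i = find_builtin(p, len);
        if (i >= 0 && !picked[i]) {      /* skip unknown and duplicate names */
            picked[i] = 1;
            if (by_cmdline)
                out[k++] = builtin_order[i];
        }
        p += len;                        /* now at ',' or the terminator */
    }
    for (size_t i = 0; !by_cmdline && i < NBUILTIN; i++)
        if (picked[i])
            out[k++] = builtin_order[i];
    return k;
}

int main(void)
{
    const char *o[NBUILTIN];
    size_t n = lsm_order("tomoyo,selinux", 1, o);
    for (size_t i = 0; i < n; i++)
        printf("%s\n", o[i]);
    return 0;
}
```

With by_cmdline set to 0, security=selinux,tomoyo and security=tomoyo,selinux resolve to the same order; with it set to 1 they differ.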