Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp3143422imm; Sun, 16 Sep 2018 10:44:48 -0700 (PDT) X-Google-Smtp-Source: ANB0VdZBYk9CLTiuSUQJ1Gt5sxngYQNPncuYOwrlBQ31jK7081iU4auHW9XMRCUpeU8xRohh1bc6 X-Received: by 2002:a65:5284:: with SMTP id y4-v6mr19220350pgp.283.1537119888922; Sun, 16 Sep 2018 10:44:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1537119888; cv=none; d=google.com; s=arc-20160816; b=jw7CmfhmTgBMjO5P+G5V7R0Re7XPpJlU79WYrSvS1Sta5I/n+m66CLqH3aLbUlguc5 cAthWl1b7xWM7mYZt3EQsjtDUrn38Z5Yi+Iozym7nWIVFa2MPWptkag2usxdMSW6ERvh 9EiKB/lU0kwwYonVA4qQjx6Nfz5IQqn3ZbIg7lxzCGDNZzZdywKkQy7R29jvCspFKqHX 5la1x4i23zGvk3/3/lNAYvptzh5G0iR+wK2rX8/6rjVTVd1I8naXxM8jWk0CtBDbzls3 R1xNuDvGn5fLFr+9mE/i8vPb946/UIfpHgT44mqGCOa/SfIuRwcepnEgSevMzlVx/Pk4 mMrA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=qyCAQBduW8usSXdIAhYZPUboQwDlVu/e443hExwHrM0=; b=WBOL8RaIwizMozb3aUBYddGLfYdWHqA2crGncACqzS5Ct72PMThfuk1mII5/iQ5ezq r9lK4zt4q+hz1X0a0NMCd4SqVEG9kDOehFaNMYz8EuDA0LhwsOF/AypG+2xdJXVUyHEy IBE9fM9Jn5EOO8U/IKHU4deJOCFZSEjK8yxhbyZ6rzBfHAGfMEc/zvznoue+t5RZYTgH BaQ9lppUxpZdXPFE4yt9cDugfYH8JkHY/bt94iWJ6J8lmKOF6xmhIegZ0HxlbxFVMMOY Mtd9of5NBx7F6c2AQqSWfvxHb4vPl9eO2olSKirknp6RA3gVYlGiydcHRxy/KUl2dv7N z4rA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=jc2QnJjd; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f5-v6si13337928pgr.262.2018.09.16.10.44.33; Sun, 16 Sep 2018 10:44:48 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=jc2QnJjd; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728398AbeIPXIB (ORCPT + 99 others); Sun, 16 Sep 2018 19:08:01 -0400 Received: from mail-ua1-f67.google.com ([209.85.222.67]:34869 "EHLO mail-ua1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728239AbeIPXIB (ORCPT ); Sun, 16 Sep 2018 19:08:01 -0400 Received: by mail-ua1-f67.google.com with SMTP id m26-v6so9400152uap.2; Sun, 16 Sep 2018 10:44:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=qyCAQBduW8usSXdIAhYZPUboQwDlVu/e443hExwHrM0=; b=jc2QnJjdIeDD/9OZhb6gVx2j0PeWUJ0uasnqWANcR1ST6UPJTvS0CayTTcsxoZ2H1L M6TA1pLvLNPlG7nRE4SORAmZ4FMJATap+Fn6omfDZLZ9nT98djWm48gi10IG5Ie8jXQO SEOqpb/yAOI1SYL15QHHrz2d7ify2HZyh56tje6WvqWBVIbddlJOadg+lW2wDIboMawq OX0BTRG5kdTrRGv37laLQp+fLxMrGiong5e79FtbowWBd3Pr5aVRTAt9Hdj1I4gyk1m6 GKKNyX2Yy7TC3hDfIg+FR0hsbzNt9FT76j4dmA6+21Msy9sJa7NnmtZXfLV5bG1JWFg4 QQAw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=qyCAQBduW8usSXdIAhYZPUboQwDlVu/e443hExwHrM0=; b=eO4IijVq+SC5myC8BrpSPyommkWOVSKnser6UkH7Q9nH4c9WSJLLOH9s41EiKNW7t7 9xE5vdJTUOc1DdoA8ooGAo+nF6GRYJyy8poJPI/I/hZnf4+Gjrf9f6+uW7y79AsXpkxw B/DG+GOmamQ/SzjXzqjdfKR283AxAlM9y1BEholQIYBMbTNJqTz1kgFJjASSmKJOaG3G e5VWPFQHhTO//vX+JVW4zKjZbAkoPqtkCBoXl9lubpPYrK9+FR4k6iPS/n8mqC9b2kEK xCyiQCEXlShoBVNMugFMPf68+Vq5nSXtFIFzE7kXj7R+gUnoWAoM7E0PVYIkWzCOUQXe Yhmg== X-Gm-Message-State: APzg51DFdHVJIY/8JUMTfUomGk8qgUZhw9HHduPN1yupaHjCWXkd07Qv 4ESEQ0SPqxrXjPPfmUEpurNpSubmvj0COXCZQbY= X-Received: by 2002:ab0:6a6:: with SMTP id g35-v6mr6448305uag.16.1537119861042; Sun, 16 Sep 2018 10:44:21 -0700 (PDT) MIME-Version: 1.0 References: <1536516257-30871-1-git-send-email-s.mesoraca16@gmail.com> <20180909191903.GA2344@ravnborg.org> In-Reply-To: From: Salvatore Mesoraca Date: Sun, 16 Sep 2018 19:44:09 +0200 Message-ID: Subject: Re: [PATCH v2] kconfig: add hardened defconfig helpers To: yamada.masahiro@socionext.com Cc: sam@ravnborg.org, Kernel Hardening , linux-doc@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org, Jann Horn , corbet@lwn.net, keescook@chromium.org, labbott@redhat.com, michal.lkml@markovi.net, ebiederm@xmission.com Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Masahiro Yamada wrote: > > 2018-09-10 4:19 GMT+09:00 Sam Ravnborg : > > Hi Salvatore. > > > > On Sun, Sep 09, 2018 at 08:04:17PM +0200, Salvatore Mesoraca wrote: > >> Adds 4 new defconfig helpers (hardenedlowconfig, hardenedmediumconfig, > >> hardenedhighconfig, hardenedextremeconfig) to enable various hardening > >> features. > >> The list of config options to enable is based on KSPP's Recommended > >> Settings and on kconfig-hardened-check, with some modifications. > >> These options are divided into 4 levels (low, medium, high, extreme) > >> based on their negative side effects, not on their usefulness. > >> 'Low' level collects all those protections that have (almost) no > >> negative side effects. > >> 'Extreme' level collects those protections that may have so many > >> negative side effects that most people wouldn't want to enable them. > >> Every feature in each level is briefly documented in > >> Documentation/security/hardenedconfig.rst, this file also contain a > >> better explanation of what every level means. > >> To prevent this file from drifting from what the various defconfigs > >> actually do, it is used to dynamically generate the config fragments. > > > > In the above you nicely describes what is done. > > But there is nothing about the target group for this feature. > > Who will benefit from this? > > > > With respect to the actual implmentation we now > > have two ways to handle config fragments. > > Current solution is to save the config fragments in kernel/configs. > > And the new solution is to parse the config fragments from an rst file. > > The changelog fails to mentions why we need a new way to handle > > the config fragments. > > > I agree. > > Another new way this patch added is, > > CONFIG options are now described in the ReST document, > but our current way is to describe the detailed information > in the 'help' section in Kconfig files. This is true, but hardening features are quite different from other types of features or config options, because they can't be easily found, unless you already know what you are looking for. Many people need a single place that lists them all, clearly explaining why they might want them or not without having to bounce around different Kconfig parts. Thank you for your time, Salvatore