From: Dmitry Vyukov
Date: Mon, 4 Feb 2019 09:07:54 +0100
Subject: Re: [PATCH] LSM: Allow syzbot to ignore security= parameter.
To: Tetsuo Handa
Cc: Casey Schaufler, Paul Moore, Stephen Smalley, syzbot, tyhicks@canonical.com, John Johansen, James Morris, LKML, linux-security-module@vger.kernel.org, Serge Hallyn, syzkaller-bugs, Jeffrey Vander Stoep, SELinux, Russell Coker, Laurent Bigonville, syzkaller, Andrew Morton
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Feb 1, 2019 at 2:09 PM Tetsuo Handa wrote:
>
> On 2019/02/01 19:50, Dmitry Vyukov wrote:
> > On Fri, Feb 1, 2019 at 11:44 AM Tetsuo Handa wrote:
> >>
> >> On 2019/02/01 19:09, Dmitry Vyukov wrote:
> >>> Thanks for the explanations.
> >>>
> >>> Here is the change that I've come up with:
> >>> https://github.com/google/syzkaller/commit/aa53be276dc84aa8b3825b3416542447ff82b41a
> >>
> >> You are not going to apply this updated config to upstream kernels now, are you?
> >> Removing CONFIG_DEFAULT_SECURITY="apparmor" from configs used by upstream kernels
> >> will cause failing to enable AppArmor (unless security=apparmor is specified).
> >
> >
> > We do use security=apparmor, see:
> > https://github.com/google/syzkaller/blob/master/dashboard/config/upstream-apparmor.cmdline
> > https://github.com/google/syzkaller/blob/master/dashboard/config/upstream-selinux.cmdline
> > https://github.com/google/syzkaller/blob/master/dashboard/config/upstream-smack.cmdline
> >
>
> Oh, security= parameter is explicitly specified on all targets?
> Then, we can abuse CONFIG_DEBUG_AID_FOR_SYZBOT option. ;-)
>
> LSM folks, may we use this patch for linux-next.git ?
> CONFIG_DEBUG_AID_FOR_SYZBOT is a linux-next.git-only kernel config option used by syzbot.

Then we also need this on syzbot side, right? Otherwise it seems that all instances will default to a single security module.
https://github.com/google/syzkaller/commit/ffec3d1894ffd05966b50efa49ca19af76c9ea81 > From c7d21f9c1c0b610ddea4233b89edf7d3140b8baf Mon Sep 17 00:00:00 2001 > From: Tetsuo Handa > Date: Fri, 1 Feb 2019 22:03:55 +0900 > Subject: [PATCH linux-next] LSM: Allow syzbot to ignore security= parameter. > > LSM is going to get infrastructure managed security blob support in Linux > 5.1, and it becomes possible to run TOMOYO with SELinux/Smack/AppArmor. > But for compatibility reason, since security= parameter makes it > impossible to run TOMOYO with SELinux/Smack/AppArmor, syzbot can't > test that combination. Therefore, this patch allows syzbot to temporarily > ignore security= parameter. This patch is meant for linux-next.git only, > and will be removed after infrastructure managed security blob support > went to linux.git. > > Signed-off-by: Tetsuo Handa > --- > security/security.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/security/security.c b/security/security.c > index ef03643..0632feb 100644 > --- a/security/security.c > +++ b/security/security.c > @@ -346,12 +346,14 @@ int __init security_init(void) > } > > /* Save user chosen LSM */ > +#ifndef CONFIG_DEBUG_AID_FOR_SYZBOT > static int __init choose_major_lsm(char *str) > { > chosen_major_lsm = str; > return 1; > } > __setup("security=", choose_major_lsm); > +#endif > > /* Explicitly choose LSM initialization order. */ > static int __init choose_lsm_order(char *str) > -- > 1.8.3.1 >
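
Review bot: the `#ifndef CONFIG_DEBUG_AID_FOR_SYZBOT` around `choose_major_lsm()` compiles out the `__setup("security=", choose_major_lsm)` registration together with the handler, so on a kernel built with that option nothing in this hunk reports that a `security=` value on the command line was ignored. Consider keeping the handler registered in that configuration and having it log that the parameter is being ignored instead of assigning `chosen_major_lsm`, so a syzbot boot log shows which LSM selection was actually in effect. A short comment at the `#ifndef` saying that this is linux-next-only and temporary, as the commit message states, would also make the later removal easier to find.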