Received: by 2002:ac0:946b:0:0:0:0:0 with SMTP id j40csp2154081imj; Fri, 8 Feb 2019 13:34:03 -0800 (PST) X-Google-Smtp-Source: AHgI3IbiWkYciVG0h5ywhNHIG6L2AQK3aWSn4L7eDscYPlW4JIByZ2EHaxG0eLxpkceG0N6LGwF+ X-Received: by 2002:a17:902:a586:: with SMTP id az6mr24817899plb.298.1549661643159; Fri, 08 Feb 2019 13:34:03 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1549661643; cv=none; d=google.com; s=arc-20160816; b=xhwJgJueLHg6sqX0eG50UjQkiKsDF3TfaIijzYewsdxeG+EMZ3scJiukbCWmpnPeUc 95MLihefeIFEh27JzejLlk3g38aeHkZlHDJ1I4mOUr4hOY2iXB24BJV1LCLyC/g+0mYJ Bxh4NC3sqgMUxwc7PaNBjmtvVIu9ZGbxV9ub5cT5uyN8xQ/yueL7TIZxq+7DFszr57B8 h3KLQavFQqtjyqyZbG8aA8vxFiGC2PQyHDLYmkC/tzt90ethlFmLGFn459VxL5683Qj5 0T9stIL+kwiyie3wReismb+oCcxfr7xNfPE1PYRzCQYXTcZigTu1wJYt81FgI6I9xiqv iZwQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=H9oSgnPm07vwmWODWGHcHoCNDCiBPV7B6kOG9r5qu5s=; b=BfRhjxWw7FEiah1acNQST+PtRsfSxk61aUdgVwUacoxNiUFTTIFI21Mh9Y+Gfb8Aa5 Z5Ml1mj0p20ok//4D3P3RV/jqLQa1hSHcVZT42E1Yu06CiTn2y97TIrQPL2+3e4vsOfv AtaNxTI69vkd076Vs5bOMRKhIuEmqAmMnBiG6cHg+Jq+YuYsWw/H8LZPJeVSQiBhZ58O AcUFQUqNnOT/ZUzsoCQPWFebhgC9vd1BNE7hXQYZXBESIblofoLBeP+r5huP6JbOI188 GIfMSJE04Wa8Z7EG0hynsxmfShu20zQwjMcXtrEBMxm+fWB2ry5Vg1gJvUG9F57Rxd71 oqmw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=JrymG7lJ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id m15si3288576pfd.3.2019.02.08.13.33.46; Fri, 08 Feb 2019 13:34:03 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=JrymG7lJ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727312AbfBHVd1 (ORCPT + 99 others); Fri, 8 Feb 2019 16:33:27 -0500 Received: from mail-vs1-f66.google.com ([209.85.217.66]:43897 "EHLO mail-vs1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726949AbfBHVd1 (ORCPT ); Fri, 8 Feb 2019 16:33:27 -0500 Received: by mail-vs1-f66.google.com with SMTP id x1so2972962vsc.10 for ; Fri, 08 Feb 2019 13:33:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=H9oSgnPm07vwmWODWGHcHoCNDCiBPV7B6kOG9r5qu5s=; b=JrymG7lJoXWsdlGvV/4XrNQKV5jFNCCv7L/CdKsF5P4YfcP2Qdm6BaAisbUTma5Sr5 5ZEj6Lg+JfPditlcaBaxH5uT/4F4vpWUSDCUoD6rEub+eC2hLSdRykft9yOhldj1bq5D O2qgglxnNx7XN59JI0RXLfuJ2BB5TsBgpdRMc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=H9oSgnPm07vwmWODWGHcHoCNDCiBPV7B6kOG9r5qu5s=; b=WeIxocGWrM/4yk9RmgNJlVWCDrHKs6jQiWiRW7Y/CGzkvqwyUBP0lCoW1qD1iFuD5V PKT5odyksuTBny0BpgxM3Wyha8w3gx6x9tKL51u4zgg4bJw8NZafszggtVVjHHnobI3t RsMiDetixPx/YGvq7ayXNUah7xOjvATvxk49ZvnhJEH2bJ+alroUsni122JA+dMboKHV 6StI/8/50vc+r33pKhAHC6aCtX3QwzFqqN0UVlyGL2+Vk+84ubQQgka/mpbkSlQ9bamG hN/iXM4YdTZPeWaiZZzBxr3NqKFq7thph9avOFdyRo/uNaAmTRbyzXBP+RKbz7B7MYeB ahLg== X-Gm-Message-State: AHQUAuY9Tpp8GXcEV7/u0iv4J+KLmNQt1hvb+L7DSk/c6f7HmoqVQneE eiEsQ1IvPdmt3AkWDvgacU4lSFxO+GI= X-Received: by 2002:a67:f9d5:: with SMTP id c21mr1638222vsq.124.1549661606141; Fri, 08 Feb 2019 13:33:26 -0800 (PST) Received: from mail-vs1-f52.google.com (mail-vs1-f52.google.com. [209.85.217.52]) by smtp.gmail.com with ESMTPSA id g195sm1034698vka.5.2019.02.08.13.33.25 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 08 Feb 2019 13:33:25 -0800 (PST) Received: by mail-vs1-f52.google.com with SMTP id e7so3010596vsc.2 for ; Fri, 08 Feb 2019 13:33:25 -0800 (PST) X-Received: by 2002:a67:848a:: with SMTP id g132mr9843074vsd.222.1549661604836; Fri, 08 Feb 2019 13:33:24 -0800 (PST) MIME-Version: 1.0 References: <8f48e1d0-c109-f8a9-ea94-9659b16cae49@i-love.sakura.ne.jp> <0d23d1a5-d4af-debf-6b5f-aaaf698daaa8@schaufler-ca.com> <201902070230.x172UUG6002087@www262.sakura.ne.jp> <6def6199-0235-7c37-974c-baf731725606@schaufler-ca.com> In-Reply-To: <6def6199-0235-7c37-974c-baf731725606@schaufler-ca.com> From: Kees Cook Date: Fri, 8 Feb 2019 13:33:13 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH] LSM: Allow syzbot to ignore security= parameter. To: Casey Schaufler Cc: Tetsuo Handa , Dmitry Vyukov , Paul Moore , Stephen Smalley , syzbot , Tyler Hicks , John Johansen , James Morris , LKML , linux-security-module , Serge Hallyn , syzkaller-bugs , Jeffrey Vander Stoep , SELinux , Russell Coker , Laurent Bigonville , syzkaller , Andrew Morton Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Feb 7, 2019 at 8:24 AM Casey Schaufler wrote: > I added Kees to the CC list. Kees, what to you think about > ignoring security= if lsm= is specified? I'm ambivalent. This was one of many earlier suggestions, and the consensus seemed to be "don't mix security= and lsm=". Why would anyone use both? -- Kees Cook