Subject: Re: [PATCH v2] LSM: Ignore "security=" when "lsm=" is specified
To: Kees Cook, James Morris
Cc: Tetsuo Handa, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org
References: <20190212182318.GA16669@beast>
From: Casey Schaufler Message-ID: <5260689d-9016-bdf4-6070-13d2c88ac8a8@schaufler-ca.com> Date: Wed, 13 Feb 2019 08:05:45 -0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.5.0 MIME-Version: 1.0 In-Reply-To: <20190212182318.GA16669@beast> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Content-Language: en-US Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2/12/2019 10:23 AM, Kees Cook wrote: > To avoid potential confusion, explicitly ignore "security=" when "lsm=" is > used on the command line, and report that it is happening. > > Suggested-by: Tetsuo Handa > Signed-off-by: Kees Cook Acked-by: Casey Schaufler > --- > Documentation/admin-guide/kernel-parameters.txt | 10 ++++------ > security/security.c | 8 ++++++-- > 2 files changed, 10 insertions(+), 8 deletions(-) > > diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt > index 93d2c97f28fe..a0abd5f56e00 100644 > --- a/Documentation/admin-guide/kernel-parameters.txt > +++ b/Documentation/admin-guide/kernel-parameters.txt > @@ -2340,7 +2340,7 @@ > > lsm=lsm1,...,lsmN > [SECURITY] Choose order of LSM initialization. This > - overrides CONFIG_LSM. > + overrides CONFIG_LSM, and the "security=" parameter. > > machvec= [IA-64] Force the use of a particular machine-vector > (machvec) in a generic kernel. 
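Review bot: the new "lsm=" text says it overrides "security=" but gives the administrator no hint of how the conflict surfaces; since the security/security.c hunk logs a message when "security=" is dropped, say so here, e.g. `overrides CONFIG_LSM and the "security=" parameter (a message is logged when security= is ignored)`. The comma before "and" in a two-item list is also unneeded.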
> @@ -4129,11 +4129,9 @@ > Note: increases power consumption, thus should only be > enabled if running jitter sensitive (HPC/RT) workloads. > > - security= [SECURITY] Choose a security module to enable at boot. > - If this boot parameter is not specified, only the first > - security module asking for security registration will be > - loaded. An invalid security module name will be treated > - as if no module has been chosen. > + security= [SECURITY] Choose a legacy "major" security module to > + enable at boot. This has been deprecated by the > + "lsm=" parameter. > > selinux= [SELINUX] Disable or enable SELinux at boot time. > Format: { "0" | "1" } > diff --git a/security/security.c b/security/security.c > index 3147785e20d7..23cbb1a295a3 100644 > --- a/security/security.c > +++ b/security/security.c > @@ -288,9 +288,13 @@ static void __init ordered_lsm_init(void) > ordered_lsms = kcalloc(LSM_COUNT + 1, sizeof(*ordered_lsms), > GFP_KERNEL); > > - if (chosen_lsm_order) > + if (chosen_lsm_order) { > + if (chosen_major_lsm) { > + pr_info("security= is ignored because it is superseded by lsm=\n"); > + chosen_major_lsm = NULL; > + } > ordered_lsm_parse(chosen_lsm_order, "cmdline"); > - else > + } else > ordered_lsm_parse(builtin_lsm_order, "builtin"); > > for (lsm = ordered_lsms; *lsm; lsm++)
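Review bot: the rewritten "security=" entry drops two behaviours the old text documented, what happens when the parameter is absent (only the first module asking for registration is loaded) and when the name is invalid (treated as no choice), and no hunk in this patch touches those code paths, so that text should be kept rather than deleted. The entry also never states the point of the patch, that "security=" is ignored when "lsm=" is present; suggest `enable at boot. Ignored when "lsm=" is also given.` and "superseded by" instead of "deprecated by", since a parameter is deprecated in favour of another, not by it.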
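Review bot: in ordered_lsm_init() the if branch now carries braces while the else branch keeps the brace-less `} else` form; kernel coding style asks for braces on both branches once either needs them, so write `} else {` / `ordered_lsm_parse(builtin_lsm_order, "builtin");` / `}`. Separately, the pr_info() discards the value that was ignored; printing it before the assignment to NULL, `pr_info("security=%s is ignored because it is superseded by lsm=\n", chosen_major_lsm);`, gives an administrator whose boot did not select the expected module something concrete to find in the log.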