Received: by 2002:ac0:bc90:0:0:0:0:0 with SMTP id a16csp1255900img; Tue, 19 Mar 2019 03:57:33 -0700 (PDT) X-Google-Smtp-Source: APXvYqx/WMuzVfh9YkOIp3ei3ARie6UcnzTepBpev/R5F0y/YGNbBHHyzWv3Qp76iB2+II0/vtqo X-Received: by 2002:a62:2a97:: with SMTP id q145mr1325705pfq.22.1552993053660; Tue, 19 Mar 2019 03:57:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1552993053; cv=none; d=google.com; s=arc-20160816; b=tBjT9ZOlFBPmNf/wMqEezxfZmPap+7OgA/rck62NEtLTIPAisW/lkZBWLv6jVrGCc9 ZB+QwllnsczljserA10yIvu2WhyyDBtsRw+tkadYf3d0EB84zn4MSI7DQX666/7dfSBd IcGTQNGNSPgOVPCjArEFK84/7dvMw0asBpD1RF5eSG8qkkBv1aDWoMRtsywKHsdJwrqf mHtk9QMT4uySzcDzKOhV66G5VnMrCRu5dpTUIukkZEFx9qLfgQ+Lw/rH+JeugtD0+GFA f+hRqfu9Kg1mZPGDqSbDYgxqN2LWm52bHSh8K/BUtqw6T5Ttb7qLPCtEHrrYUwgQVr0h SXlQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject; bh=lTDfm2zDtg3MiBpJmChiHd0EGyXypw83YPlpi++0Yt4=; b=A21vC6YFWNaPtVmcCBznW+LduNTJ46kYXfugyHYTZLemrR7yq6GuG6JGCZeCU1AiIL 9Fn/ZNGChyqz4sT/tPAObzAtpJLKC8/Irsz6KUdNlDLrqkFCtgyg8mhAN1UJ+Z5+2NCQ swSQ21+azfWcUgZEeOFz5crpYx7vydcz6iNPX7+z++Im+BIufiDyF/7mVmF9lJib91uX iRjmoxaQhsqgNcD2Bls7VNBgXHILQLY6uP6Wh05CvbQy3QE7LUm3K5VILR7SZ1xODQ1P SxeM128D62BaX2NNzJMVTyHZxW3fvRWvVNJmwKXN7L76uswcg2rDMGMOAgGMLdE6ADOi a25Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id m22si10865011pgv.562.2019.03.19.03.57.18; Tue, 19 Mar 2019 03:57:33 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727218AbfCSK4j (ORCPT + 99 others); Tue, 19 Mar 2019 06:56:39 -0400 Received: from www262.sakura.ne.jp ([202.181.97.72]:39525 "EHLO www262.sakura.ne.jp" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726712AbfCSK4j (ORCPT ); Tue, 19 Mar 2019 06:56:39 -0400 Received: from fsav402.sakura.ne.jp (fsav402.sakura.ne.jp [133.242.250.101]) by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTP id x2JAuPJR072932; Tue, 19 Mar 2019 19:56:25 +0900 (JST) (envelope-from penguin-kernel@i-love.sakura.ne.jp) Received: from www262.sakura.ne.jp (202.181.97.72) by fsav402.sakura.ne.jp (F-Secure/fsigk_smtp/530/fsav402.sakura.ne.jp); Tue, 19 Mar 2019 19:56:25 +0900 (JST) X-Virus-Status: clean(F-Secure/fsigk_smtp/530/fsav402.sakura.ne.jp) Received: from [192.168.1.8] (softbank126065253096.bbtec.net [126.65.253.96]) (authenticated bits=0) by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTPSA id x2JAuIZn072901 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NO); Tue, 19 Mar 2019 19:56:25 +0900 (JST) (envelope-from penguin-kernel@i-love.sakura.ne.jp) Subject: Re: mount.nfs: Protocol error after upgrade to linux/master To: Casey Schaufler , Kees Cook Cc: Jakub Kicinski , linux-security-module , Trond Myklebust , "open list:NFS, SUNRPC, AND..." , Anna Schumaker , LKML References: <20190315110555.0807d015@cakuba.netronome.com> <20190315120105.5541ad46@cakuba.netronome.com> <20190315165440.53b9db3c@cakuba.netronome.com> From: Tetsuo Handa Message-ID: <2bf23acd-22c4-a260-7648-845887a409d5@i-love.sakura.ne.jp> Date: Tue, 19 Mar 2019 19:56:15 +0900 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.5.3 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Since Kees Cook seems to be busy now, here is my version... From 885553e4793d9af2d4e9e99c7d137b0ec7b5f8ad Mon Sep 17 00:00:00 2001 From: Tetsuo Handa Date: Tue, 19 Mar 2019 19:52:31 +0900 Subject: [PATCH] LSM: Revive CONFIG_DEFAULT_SECURITY_* for "make oldconfig" Commit 70b62c25665f636c ("LoadPin: Initialize as ordered LSM") removed CONFIG_DEFAULT_SECURITY_{SELINUX,SMACK,TOMOYO,APPARMOR,DAC} from security/Kconfig and changed CONFIG_LSM to provide a fixed ordering as a default value. That commit expected that existing users (upgrading from Linux 5.0 and earlier) will edit CONFIG_LSM value in accordance with their CONFIG_DEFAULT_SECURITY_* choice in their old kernel configs. But since users might forget to edit CONFIG_LSM value, this patch revives the choice (only for providing the default value for CONFIG_LSM) in order to make sure that CONFIG_LSM reflects CONFIG_DEFAULT_SECURITY_* from their old kernel configs. Reported-by: Jakub Kicinski Signed-off-by: Kees Cook Signed-off-by: Tetsuo Handa --- security/Kconfig | 36 +++++++++++++++++++++++++++++++++++- 1 file changed, 35 insertions(+), 1 deletion(-) diff --git a/security/Kconfig b/security/Kconfig index 1d6463f..743e594 100644 --- a/security/Kconfig +++ b/security/Kconfig @@ -239,9 +239,43 @@ source "security/safesetid/Kconfig" source "security/integrity/Kconfig" +choice + prompt "Default security module [superseded by 'Ordered list of enabled LSMs' below]" + default DEFAULT_SECURITY_SELINUX if SECURITY_SELINUX + default DEFAULT_SECURITY_SMACK if SECURITY_SMACK + default DEFAULT_SECURITY_TOMOYO if SECURITY_TOMOYO + default DEFAULT_SECURITY_APPARMOR if SECURITY_APPARMOR + default DEFAULT_SECURITY_DAC + + help + This choice is there only for converting CONFIG_DEFAULT_SECURITY in old + kernel config to CONFIG_LSM in new kernel config. Don't change this choice + unless you are creating a fresh kernel config, for this choice will be + ignored after CONFIG_LSM is once defined. + + config DEFAULT_SECURITY_SELINUX + bool "SELinux" if SECURITY_SELINUX=y + + config DEFAULT_SECURITY_SMACK + bool "Simplified Mandatory Access Control" if SECURITY_SMACK=y + + config DEFAULT_SECURITY_TOMOYO + bool "TOMOYO" if SECURITY_TOMOYO=y + + config DEFAULT_SECURITY_APPARMOR + bool "AppArmor" if SECURITY_APPARMOR=y + config DEFAULT_SECURITY_DAC + bool "Unix Discretionary Access Controls" + +endchoice + config LSM string "Ordered list of enabled LSMs" - default "yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor" + default "yama,loadpin,safesetid,integrity,selinux" if DEFAULT_SECURITY_SELINUX + default "yama,loadpin,safesetid,integrity,smack" if DEFAULT_SECURITY_SMACK + default "yama,loadpin,safesetid,integrity,tomoyo" if DEFAULT_SECURITY_TOMOYO + default "yama,loadpin,safesetid,integrity,apparmor" if DEFAULT_SECURITY_APPARMOR + default "yama,loadpin,safesetid,integrity" help A comma-separated list of LSMs, in initialization order. Any LSMs left off this list will be ignored. This can be -- 1.8.3.1