Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp2802231yba; Mon, 15 Apr 2019 21:04:01 -0700 (PDT) X-Google-Smtp-Source: APXvYqz1Mnwyeup5blz98pMhlxOJ6H1Eg2gpz5HO4vimccAijxTmAem4neViO3SIwlDpxpWk7Vrk X-Received: by 2002:aa7:8251:: with SMTP id e17mr62689988pfn.147.1555387441404; Mon, 15 Apr 2019 21:04:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1555387441; cv=none; d=google.com; s=arc-20160816; b=GnX+tSGA7VMGkeJj2z7klkpO+qO3yIk4yMCdn1GPhKO6NIjxmI+ETVw7/px13PbPL9 u68jtym0b6p0J/kxrgWmAuXE2h1pllLC8+EPDwnhoEKk0QkVFLyFHzWbZXTmurvpB9+q PQqkGqOnJvHMU1WO/ZCaiELIGwfz+aqsR0Q3yuc/TL2wLCokSMnXgJKq89Dqb+REoBcr fRIsJNgYWI4UElq7h7vfj0MP+xRsUmspJpE1geBoTIEcpPJyQrs/z/rjLzAwhstQMOOM ZpgbFFTDZKoJKPOryUejX4ocbWqAMcefEnT6cLGk9NuFZ5N9Kh6cUTw3zwtfH7xuWNCZ oZmw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=K4Hi2EDpByuuaTOj5JqRIJr5mBTbxyLqBywD/dBt8gQ=; b=biNtCSTUeNbkQQ7ZFuqwOUVx3cRI9uUSP5ydFfRV6AaYue6coI+qkqGntDwmJoJRUF SQy5YLFdNaXfrqh5hXKc+E0E1UdnW2hyW++99APRC2R4U5ljt850BsN/vDqsB98o6BOD XXdCg5uXUp8RAGQdbEcrkE6nJff5yUWQmc1ZL4hooMPTcfoq9QZY817RgBwoDtgyLOh3 vECRW2j3hA32BWCAD1XFAWK6mvYLcq/KpnmmJFZedc6h9wZgWKn1ruR6xHZRb8z5UdQJ 4iZ1hXQQtyANITY0AuCJm2KJsNTG5jXVtn8h9/rfm7I23+WwSvIIrU8+GsZ5eLfyx0Le Q61g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=ebdoGELB; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g11si36506770plp.278.2019.04.15.21.03.45; Mon, 15 Apr 2019 21:04:01 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=ebdoGELB; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726320AbfDPEDH (ORCPT + 99 others); Tue, 16 Apr 2019 00:03:07 -0400 Received: from mail-ua1-f68.google.com ([209.85.222.68]:45217 "EHLO mail-ua1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725648AbfDPEDG (ORCPT ); Tue, 16 Apr 2019 00:03:06 -0400 Received: by mail-ua1-f68.google.com with SMTP id c13so6262539uao.12 for ; Mon, 15 Apr 2019 21:03:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=K4Hi2EDpByuuaTOj5JqRIJr5mBTbxyLqBywD/dBt8gQ=; b=ebdoGELBjqvkVlsWe7n7m/Mu2PyOKUXB+BAg5QBJOCtxizroZxIsIT1iJW3T1T6tuJ pMSBIRxKS5jb0R8r4BvL2FEBW+7hjlFIImBtLKB6OusOlHm37YbAnJOjI/mVRstmoMTV 13w2MfqekU8ZrSVRTidvGqSBHsqioV05ciC5k= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=K4Hi2EDpByuuaTOj5JqRIJr5mBTbxyLqBywD/dBt8gQ=; b=FRQ/zVtrkip0ixsetvG3VoXK7Ayg8V7yMZ8ioA6dVcVpr9C4MNYOXHutFcyXHt01rL albSuQMRLfpJHFyi8wfzNvNTFoeZjOt0zYeBtchgOPKmh+5g030W79IVdKA13A5KUnQG wA0V5DLFVUn5j2ANewrvvC7chxNfhAfvouofSx7api7pK5I6mbFbbj7jQePr9hc3erpP jMd0q4EsHoXIKzYSqGyO00zP1e9jJ1G/4yCItfZMaprh5lvSZBjhQG4Eb3hOnRTxSCCV vcn+6VnRwT8DeCb8ou0YLMIqQbOEjrbRy/IcTxasdlZ0dpEHO/l4t/WWWcFV7asSIw8X Sw6g== X-Gm-Message-State: APjAAAUH+r/uLPloeb31srqJlk06SJ9uI+n4V38lS1qDqokIF3dMVMmg gocdye6sCuUl2RhW/gUjRf83kzRQR3w= X-Received: by 2002:ab0:5384:: with SMTP id k4mr33707496uaa.11.1555387385999; Mon, 15 Apr 2019 21:03:05 -0700 (PDT) Received: from mail-vk1-f180.google.com (mail-vk1-f180.google.com. [209.85.221.180]) by smtp.gmail.com with ESMTPSA id r21sm5407433uao.12.2019.04.15.21.03.05 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 15 Apr 2019 21:03:05 -0700 (PDT) Received: by mail-vk1-f180.google.com with SMTP id s80so4129495vke.6 for ; Mon, 15 Apr 2019 21:03:05 -0700 (PDT) X-Received: by 2002:a1f:264b:: with SMTP id m72mr31777915vkm.43.1555387384831; Mon, 15 Apr 2019 21:03:04 -0700 (PDT) MIME-Version: 1.0 References: <20190411180117.27704-1-keescook@chromium.org> <20190411180117.27704-2-keescook@chromium.org> <947dbe9a-3444-6fe4-9f79-f8f210da8960@linux.com> In-Reply-To: <947dbe9a-3444-6fe4-9f79-f8f210da8960@linux.com> From: Kees Cook Date: Mon, 15 Apr 2019 23:02:53 -0500 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v2 1/3] security: Create "kernel hardening" config area To: Alexander Popov Cc: Alexander Potapenko , Masahiro Yamada , James Morris , Nick Desaulniers , Kostya Serebryany , Dmitry Vyukov , Sandeep Patil , Laura Abbott , Randy Dunlap , Michal Marek , Emese Revfy , "Serge E. Hallyn" , Kernel Hardening , linux-security-module , linux-kbuild , LKML Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Apr 15, 2019 at 11:44 AM Alexander Popov wrote: > > On 11.04.2019 21:01, Kees Cook wrote: > > Right now kernel hardening options are scattered around various Kconfig > > files. This can be a central place to collect these kinds of options > > going forward. This is initially populated with the memory initialization > > options from the gcc-plugins. > > > > Signed-off-by: Kees Cook > > Hello Kees, hello everyone! > > After applying this series the kernel config looks like that: > > ... > ... > CONFIG_LSM="yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor" > > # > # Kernel hardening options > # > > # > # Memory initialization > # > CONFIG_INIT_STACK_NONE=y > # CONFIG_GCC_PLUGIN_STRUCTLEAK_USER is not set > # CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF is not set > # CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL is not set > # CONFIG_GCC_PLUGIN_STACKLEAK is not set > CONFIG_CRYPTO=y > > # > # Crypto core or helper > # > CONFIG_CRYPTO_ALGAPI=y > ... > ... > > What do you think about some separator between memory initialization options and > CONFIG_CRYPTO? This was true before too: ... # CONFIG_DEFAULT_SECURITY_DAC is not set CONFIG_LSM="yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor" CONFIG_XOR_BLOCKS=y CONFIG_ASYNC_CORE=y CONFIG_ASYNC_MEMCPY=y CONFIG_ASYNC_XOR=y CONFIG_ASYNC_PQ=y CONFIG_ASYNC_RAID6_RECOV=y CONFIG_CRYPTO=y ... Perhaps crypto/Kconfig's comment line could move to the top of the file? comment "Crypto core or helper" is what generates the separator... -- Kees Cook