Received: by 2002:a25:b794:0:0:0:0:0 with SMTP id n20csp7427651ybh;
        Thu, 8 Aug 2019 15:48:15 -0700 (PDT)
X-Google-Smtp-Source: APXvYqy7QKQCFH55P+BPvTfwZ4OgypXtJH9/evzgqVE28g1xQ4XXozXbpkgT/AegN7dV3MGRXeRA
X-Received: by 2002:a63:ec48:: with SMTP id r8mr14144367pgj.387.1565304495633;
        Thu, 08 Aug 2019 15:48:15 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1565304495; cv=none;
        d=google.com; s=arc-20160816;
        b=PDKirk5gb5akko7XfBvsL/ylTB6szqbrNn2j8UrFPt+c1MYUCPR90OZ9qi+7ocylm+
         r/kf7KANVaadGP+F8oTPLEcyYBCq2UEQItkK8Vln2lDAj+p+Tgzw7Zm9GQmnfgXfD4J3
         2RLpSZvIvsSMvf0My2tM6aK8aDpP2ggyH6dXr0YMB2d0MddEVTE16OaYPL7kUAxsuqkr
         iY+3PhYcFei91oswNpvQGcaLA6QoXJQ5LVc15uqw+dcQth0nMym2+KCWX6XfS12C08Sg
         C7sbrZW9zWGVu3+DrDU9ynAt/djTa25o9Vn6ljWy2+92SLcqGD2X3PUQlmhdz6GhQd+g
         UvFA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:mime-version:user-agent:references
         :message-id:in-reply-to:subject:cc:to:from:date;
        bh=rdMGvCRoJbzciIE4uLvh+lJRrcMimgN47VzJro3djDU=;
        b=lffjT4iKWbO8ymMaZJCAyJsxqJQlp7cq9HcNLUXLYsJbVXJLf58AwAyKD3CuaUnsMp
         tMf8b8kIpLUPCCQd7UOiFOCgc12yN53yUuQTH79//BAD09MySWdIhuJaFXKqEPEVd852
         Qfr5ZlSSFCAv/DdnhPULotQuv2sWCG7arZXgIfSJSZPGHSZWOVp8CRkXTLoqOMOdy3yG
         n1XpRVRT5CVGcKU3fbM7BHm80FCrlHwzYQA26jCYwLCdkLaj4F0hVty2L9SO6St0J4DM
         USUq0RLtHYsA+KBW39Ndgrs7drnLeJI0hyj4NSX/sgzZ6lzgJ6L1FtKz3csXkoxROj/q
         5qyA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id w3si47100365plb.35.2019.08.08.15.48.00;
        Thu, 08 Aug 2019 15:48:15 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S2404410AbfHHWnS (ORCPT <rfc822;stevepeted@gmail.com>
        + 99 others); Thu, 8 Aug 2019 18:43:18 -0400
Received: from namei.org ([65.99.196.166]:39598 "EHLO namei.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1732938AbfHHWnR (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 8 Aug 2019 18:43:17 -0400
Received: from localhost (localhost [127.0.0.1])
        by namei.org (8.14.4/8.14.4) with ESMTP id x78Mh5V0015311;
        Thu, 8 Aug 2019 22:43:05 GMT
Date:   Fri, 9 Aug 2019 08:43:05 +1000 (AEST)
From:   James Morris <jmorris@namei.org>
To:     Matthew Garrett <mjg59@google.com>
cc:     Jessica Yu <jeyu@kernel.org>,
        LSM List <linux-security-module@vger.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Linux API <linux-api@vger.kernel.org>,
        David Howells <dhowells@redhat.com>,
        Kees Cook <keescook@chromium.org>
Subject: Re: [PATCH V37 04/29] Enforce module signatures if the kernel is
 locked down
In-Reply-To: <CACdnJuu6gFQUQQOVj2MwL5+dx+XsBKY=Uq58r7F8Lr2C0Gi_TA@mail.gmail.com>
Message-ID: <alpine.LRH.2.21.1908090842390.14740@namei.org>
References: <20190731221617.234725-1-matthewgarrett@google.com> <20190731221617.234725-5-matthewgarrett@google.com> <20190801142157.GA5834@linux-8ccs> <CACdnJusD_9W9tFqwKptDTA8fZU8HrSvsEQhKo0WS9QxLpgz5tA@mail.gmail.com> <20190808100059.GA30260@linux-8ccs>
 <CACdnJuu6gFQUQQOVj2MwL5+dx+XsBKY=Uq58r7F8Lr2C0Gi_TA@mail.gmail.com>
User-Agent: Alpine 2.21 (LRH 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, 8 Aug 2019, Matthew Garrett wrote:

> On Thu, Aug 8, 2019 at 3:01 AM Jessica Yu <jeyu@kernel.org> wrote:
> > If you're confident that a hard dependency is not the right approach,
> > then perhaps we could add a comment in the Kconfig (You could take a
> > look at the comment under MODULE_SIG_ALL in init/Kconfig for an
> > example)? If someone is configuring the kernel on their own then it'd
> > be nice to let them know, otherwise having a lockdown kernel without
> > module signatures would defeat the purpose of lockdown no? :-)
> 
> James, what would your preference be here? Jessica is right that not
> having CONFIG_MODULE_SIG enabled means lockdown probably doesn't work
> as expected, but tying it to the lockdown LSM seems inappropriate when
> another LSM could be providing lockdown policy and run into the same
> issue. Should this just be mentioned in the CONFIG_MODULE_SIG Kconfig
> help?

I agree and yes mention it in the help.  A respin of just this patch is 
fine.

-- 
James Morris
<jmorris@namei.org>