From: Paul Moore
Date: Wed, 9 Nov 2022 18:33:46 -0500
Subject: Re: [PATCH v1 2/8] LSM: Add an LSM identifier for external use
To: Casey Schaufler
Cc: casey.schaufler@intel.com, linux-security-module@vger.kernel.org, jmorris@namei.org, keescook@chromium.org, john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp, stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, mic@digikod.net
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Oct 25, 2022 at 2:45 PM Casey Schaufler wrote:
>
> Add an integer member "id" to the struct lsm_id. This value is
> a unique identifier associated with each security module. The
> values are defined in a new UAPI header file. Each existing LSM
> has been updated to include its LSMID in the lsm_id.
>
> The LSM ID values are sequential, with the oldest module
> LSM_ID_CAPABILITY being the lowest value and the existing
> modules numbered in the order they were included in the
> main line kernel. The first 32 values (0 - 31) are reserved
> for some as yet unknown but important use.
>
> Signed-off-by: Casey Schaufler
> ---
> include/linux/lsm_hooks.h | 1 +
> include/uapi/linux/lsm.h | 32 ++++++++++++++++++++++++++++++++
> security/apparmor/lsm.c | 2 ++
> security/bpf/hooks.c | 2 ++
> security/commoncap.c | 2 ++
> security/landlock/setup.c | 2 ++
> security/loadpin/loadpin.c | 2 ++
> security/lockdown/lockdown.c | 2 ++
> security/safesetid/lsm.c | 2 ++
> security/selinux/hooks.c | 2 ++
> security/smack/smack_lsm.c | 2 ++
> security/tomoyo/tomoyo.c | 2 ++
> security/yama/yama_lsm.c | 2 ++
> 13 files changed, 55 insertions(+)
> create mode 100644 include/uapi/linux/lsm.h

Unless you're getting paid by the patch, I'd rather you combine
patches 1/8 and 2/8 into a single patch. They are both pretty small,
very related, and I don't want to see 1/8 merged anywhere without 2/8.

> diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
> index e383e468f742..dd4b4d95a172 100644
> --- a/include/linux/lsm_hooks.h
> +++ b/include/linux/lsm_hooks.h
> @@ -1607,6 +1607,7 @@ struct security_hook_heads {
> */
> struct lsm_id {
> const char *lsm; /* Name of the LSM */
> + int id; /* LSM ID */
> };

At the very least let's define lsm_id::id as an 'unsigned int' type,
but since we are going to see the lsm_id::id token used as part of the
kernel ABI (likely not in this struct) I agree with Greg's comments
about making the size more explicit. I would suggest __u32/u32 as
32-bits should be plenty for this token.

Given the other upstream discussions we may want to do something
similar with lsm_id::lsm and __u8/u8. I'm pretty sure I saw a similar
comment (by Greg?) elsewhere in this patchset when I was quickly
skimming these on my phone while away ...

--
paul-moore.com
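
Review bot: the new member in struct lsm_id is declared as a plain int, yet the commit message describes it as an identifier whose values live in a UAPI header and start at 0, so a signed type of implicit width admits negative values that have no meaning and leaves the size unstated; an unsigned fixed-width type would state the intent. Separately, the diffstat shows a single insertion in include/linux/lsm_hooks.h, so the comment block that closes just above the struct is unchanged and the member is documented only by the trailing /* LSM ID */. A line there saying that the value comes from include/uapi/linux/lsm.h and that 0 - 31 are reserved would tell a reader which values are valid.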