From: Paul Moore
Date: Wed, 18 Oct 2023 12:35:38 -0400
Subject: Re: [PATCH v15 00/11] LSM: Three basic syscalls
To: Roberto Sassu
Cc: Mimi Zohar, Casey Schaufler, linux-security-module@vger.kernel.org,
    jmorris@namei.org, serge@hallyn.com, keescook@chromium.org,
    john.johansen@canonical.com, penguin-kernel@i-love.sakura.ne.jp,
    stephen.smalley.work@gmail.com, linux-kernel@vger.kernel.org,
    linux-api@vger.kernel.org, mic@digikod.net,
    linux-integrity@vger.kernel.org
In-Reply-To: <283bf52d-af6e-4d20-a5ba-d98511c2e530@huaweicloud.com>
References: <20230912205658.3432-1-casey.ref@schaufler-ca.com>
    <20230912205658.3432-1-casey@schaufler-ca.com>
    <468436cf766732a3cfc55d07ad119a6ccdc815c1.camel@huaweicloud.com>
    <6f33144c850c40e9438a6de2cf3004e223508755.camel@huaweicloud.com>
    <2637d5294d4a7ae871f1b758f5a30234836e2463.camel@huaweicloud.com>
    <283bf52d-af6e-4d20-a5ba-d98511c2e530@huaweicloud.com>

On Wed, Oct 18, 2023 at 10:15 AM Roberto Sassu wrote:
> On 10/18/2023 3:09 PM, Mimi Zohar wrote:

...

> > I agree with Roberto. All three should be defined: LSM_ID_INTEGRITY,
> > LSM_ID_IMA, LSM_ID_EVM.
>
> I did not try yet, but the 'integrity' LSM does not need an LSM ID. With
> the last version adding hooks to 'ima' or 'evm', it should be sufficient
> to keep DEFINE_LSM(integrity) with the request to store a pointer in the
> security blob (even the init function can be a dummy function).

First off, this *really* should have been brought up way, way, *way*
before now. This patchset has been discussed for months, and bringing up
concerns in the eleventh hour is borderline rude. At least we haven't
shipped this in a tagged release from Linus yet, so there is that.

If you want to add a unique LSM ID for both IMA and EVM, I'm okay with
that, but if we do that I don't see the need for a dedicated ID for
"integrity".
Roberto, Mimi, one of you please send me a patch on top of lsm/next-queue
that updates the LSM ID to look like the following (I believe EVM was
added between AppArmor and Yama, yes?):

  #define LSM_ID_UNDEF        0
  #define LSM_ID_CAPABILITY   100
  #define LSM_ID_SELINUX      101
  #define LSM_ID_SMACK        102
  #define LSM_ID_TOMOYO       103
  #define LSM_ID_IMA          104
  #define LSM_ID_APPARMOR     105
  #define LSM_ID_EVM          106
  #define LSM_ID_YAMA         107
  #define LSM_ID_LOADPIN      108
  #define LSM_ID_SAFESETID    109
  #define LSM_ID_LOCKDOWN     110
  #define LSM_ID_BPF          111
  #define LSM_ID_LANDLOCK     112

... and also update the LSM registration code for IMA/EVM/etc. to do the
right thing.

Also, just to be clear, you should get this patch out ASAP.

-- 
paul-moore.com
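Added example, not code from this thread or from the kernel tree: a small C program showing how a userspace consumer of the new syscalls would map the ID values proposed in the message above to the names the LSMs register under, and how it should cope with an ID it does not recognise (a newer kernel may report IDs allocated after the program was built). The numeric values are the proposal from the email, not necessarily what was merged; the "integrity" entry is left out on purpose, following the argument in the thread. The lsm_list_modules_live() wrapper is hypothetical and assumes the merged prototype is lsm_list_modules(u64 *ids, u32 *size, u32 flags) with *size in bytes; it is only compiled in when the C library's headers define __NR_lsm_list_modules, and otherwise the program falls back to a constructed sample array.

```c
/* Added example (not from the thread or the kernel): LSM ID handling in
 * userspace.  ID numbers are the proposal from this email; the merged
 * kernel may differ. */
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/syscall.h>

#define LSM_ID_UNDEF        0
#define LSM_ID_CAPABILITY   100
#define LSM_ID_SELINUX      101
#define LSM_ID_SMACK        102
#define LSM_ID_TOMOYO       103
#define LSM_ID_IMA          104
#define LSM_ID_APPARMOR     105
#define LSM_ID_EVM          106
#define LSM_ID_YAMA         107
#define LSM_ID_LOADPIN      108
#define LSM_ID_SAFESETID    109
#define LSM_ID_LOCKDOWN     110
#define LSM_ID_BPF          111
#define LSM_ID_LANDLOCK     112

struct lsm_id_name { uint64_t id; const char *name; };

/* Names as the LSMs register them with DEFINE_LSM(); no "integrity"
 * entry, since the thread argues it needs no ID once IMA/EVM have one. */
static const struct lsm_id_name lsm_id_table[] = {
    { LSM_ID_CAPABILITY, "capability" }, { LSM_ID_SELINUX,   "selinux" },
    { LSM_ID_SMACK,      "smack" },      { LSM_ID_TOMOYO,    "tomoyo" },
    { LSM_ID_IMA,        "ima" },        { LSM_ID_APPARMOR,  "apparmor" },
    { LSM_ID_EVM,        "evm" },        { LSM_ID_YAMA,      "yama" },
    { LSM_ID_LOADPIN,    "loadpin" },    { LSM_ID_SAFESETID, "safesetid" },
    { LSM_ID_LOCKDOWN,   "lockdown" },   { LSM_ID_BPF,       "bpf" },
    { LSM_ID_LANDLOCK,   "landlock" },
};

/* Name for an ID, or NULL when this table does not know it.  Callers must
 * tolerate NULL: the ID space is append-only and grows over time. */
const char *lsm_id_name(uint64_t id)
{
    size_t i;
    for (i = 0; i < sizeof(lsm_id_table) / sizeof(lsm_id_table[0]); i++)
        if (lsm_id_table[i].id == id)
            return lsm_id_table[i].name;
    return NULL;
}

/* Walk an ID array of the kind the syscall fills in.  Returns how many IDs
 * were recognised; *unknown receives the first unrecognised ID, or
 * LSM_ID_UNDEF if all were known. */
size_t lsm_scan_ids(const uint64_t *ids, size_t count, uint64_t *unknown)
{
    size_t known = 0, i;
    *unknown = LSM_ID_UNDEF;
    for (i = 0; i < count; i++) {
        if (lsm_id_name(ids[i]))
            known++;
        else if (*unknown == LSM_ID_UNDEF)
            *unknown = ids[i];
    }
    return known;
}

/* Hypothetical wrapper; assumes the merged prototype
 * lsm_list_modules(u64 *ids, u32 *size, u32 flags), *size in bytes.
 * Fails with ENOSYS when this libc has no syscall number for it. */
int lsm_list_modules_live(uint64_t *ids, uint32_t *size)
{
#ifdef __NR_lsm_list_modules
    return (int)syscall(__NR_lsm_list_modules, ids, size, 0);
#else
    (void)ids; (void)size;
    errno = ENOSYS;
    return -1;
#endif
}

/* Constructed sample: four IDs from the table plus one (999) it does
 * not know, standing in for an ID allocated by a newer kernel. */
static const uint64_t sample_ids[] = {
    LSM_ID_CAPABILITY, LSM_ID_SELINUX, LSM_ID_IMA, LSM_ID_EVM, 999
};

int main(void)
{
    uint64_t live[32];
    uint32_t size = sizeof(live);
    const uint64_t *ids = sample_ids;
    size_t count = sizeof(sample_ids) / sizeof(sample_ids[0]), i, known;
    uint64_t unknown;
    int rc = lsm_list_modules_live(live, &size); /* assumed: returns count */

    if (rc >= 0) {
        ids = live;
        count = (size_t)rc;
    } else {
        printf("lsm_list_modules unavailable (%s); using sample\n",
               strerror(errno));
    }
    known = lsm_scan_ids(ids, count, &unknown);
    for (i = 0; i < count; i++) {
        const char *name = lsm_id_name(ids[i]);
        printf("%3llu  %s\n", (unsigned long long)ids[i],
               name ? name : "(unknown id)");
    }
    printf("%zu of %zu IDs recognised", known, count);
    if (unknown != LSM_ID_UNDEF)
        printf(", first unknown: %llu", (unsigned long long)unknown);
    printf("\n");
    return 0;
}
```

The design point is that the name lookup never fails hard: an unknown ID is reported, not rejected, because the ID list is the kernel's view and a consumer built against an older header has no authority to call a new ID invalid.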