Date: Mon, 18 Mar 2024 10:50:42 +0100
From: Alejandro Colomar
To: Mickaël Salaün
Cc: Günther Noack, Paul Moore, "Serge E. Hallyn", Konstantin Meskhidze, Shervin Oloumi, linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, Kees Cook
Subject: Re: [PATCH v2 1/2] landlock: Extend documentation for kernel support
References: <20240227110550.3702236-1-mic@digikod.net> <20240307.oxQuab5tho0u@digikod.net>
In-Reply-To: <20240307.oxQuab5tho0u@digikod.net>

Hi Mickaël, Günther,

Sorry for the delay!

On Thu, Mar 07, 2024 at 11:21:57AM +0100, Mickaël Salaün wrote:
> CCing Alejandro
>
> On Tue, Feb 27, 2024 at 05:32:20PM +0100, Günther Noack wrote:
> > On Tue, Feb 27, 2024 at 12:05:49PM +0100, Mickaël Salaün wrote:
> > > Extend the kernel support section with one subsection for build time
> > > configuration and another for boot time configuration.
> > >
> > > Extend the boot time subsection with a concrete example.
> > >
> > > Update the journalctl command to include the boot option.
> > >
> > > Cc: Günther Noack
> > > Cc: Kees Cook
> > > Signed-off-by: Mickaël Salaün
> > > ---
> > >
> > > Changes since v1:
> > > * New patch, suggested by Kees Cook.
> > > ---
> > >  Documentation/userspace-api/landlock.rst | 57 +++++++++++++++++++++----
> > >  1 file changed, 51 insertions(+), 6 deletions(-)

[...]

> > > +
> > > +    lsm=landlock,lockdown,yama,integrity,apparmor
> > > +
> > > +After a reboot, we can check that Landlock is up and running by looking at
> > > +kernel logs:
> > > +
> > > +.. code-block:: console
> > > +
> > > +    # dmesg | grep landlock || journalctl -kb -g landlock
> > > +    [    0.000000] Command line: [...] lsm=landlock,lockdown,yama,integrity,apparmor
> > > +    [    0.000000] Kernel command line: [...] lsm=landlock,lockdown,yama,integrity,apparmor
> > > +    [    0.000000] LSM: initializing lsm=lockdown,capability,landlock,yama,integrity,apparmor
> > > +    [    0.000000] landlock: Up and running.
> > > +
> > > +Note that according to the built time kernel configuration,
> >
> > s/built time/build time/
> >                   ^
>
> OK

Here, this should actually be "build-time" since it works as an adjective.

>
> >
> > It feels like the phrase "according to" could be slightly more specific here.
> >
> > To paraphrase Alejandro Colomar, "Note that" is usually redundant.
> > https://lore.kernel.org/all/0aafcdd6-4ac7-8501-c607-9a24a98597d7@gmail.com/
> >
> > I'd suggest:
> >
> >   The kernel may be configured at build time to always load the ``lockdown`` and
> >   ``capability`` LSMs.  In that case, these LSMs will appear at the beginning of
> >   the ``LSM: initializing`` log line as well, even if they are not configured in
> >   the boot loader.

LGTM

>
> OK, I integrated your suggestion. I guess `capability` is not really
> considered an LSM but it would be too confusing and out of scope for a
> user documentation to explain that.
>
> >
> > > +``lockdown,capability,`` may always stay at the beginning of the ``LSM:
> > > +initializing lsm=`` list even if they are not configured with the bootloader,
> >
> > Nit: The man pages spell this in two words as "boot loader".
>
> OK, I'll use "boot loader" too.
>
> >
> >
> > > +which is OK.
> > > +
> > > +Network support
> > > +---------------
> > > +
> > >  To be able to explicitly allow TCP operations (e.g., adding a network rule with
> > >  ``LANDLOCK_ACCESS_NET_BIND_TCP``), the kernel must support TCP
> > >  (``CONFIG_INET=y``). Otherwise, sys_landlock_add_rule() returns an
> > >
> > > base-commit: b4007fd27206c478a4b76e299bddf4a71787f520
> > > --
> > > 2.44.0
> > >
> >
> > Reviewed-by: Günther Noack
>
> Thanks!

Reviewed-by: Alejandro Colomar

Have a lovely day!
Alex

--
Looking for a remote C programming job at the moment.
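Review bot: in the boot-time example, the two `Command line:` / `Kernel command line:` lines only echo the `lsm=` boot parameter, so `grep landlock` matching them does not by itself show that Landlock was enabled; consider stating that the `LSM: initializing lsm=...` line (which lists what the kernel actually initialized) and the closing `landlock: Up and running.` line are the ones to look for, and that seeing the first two lines without the last one points back to the build-time configuration subsection this patch adds.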
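The check the documentation describes, written out as an added example (not code from the patch or the thread) that separates the echoed `lsm=` boot parameter from the `LSM: initializing` line and the `landlock: Up and running.` confirmation; both log samples are constructed to mirror the documented output format.

```shell
#!/bin/sh
# Added example, not part of the patch or the thread: classify Landlock's
# state from kernel log lines in the format the documentation shows.
# Both log samples below are constructed to mirror that format.

LOG_OK='[    0.000000] Command line: BOOT_IMAGE=/vmlinuz lsm=landlock,lockdown,yama,integrity,apparmor
[    0.000000] Kernel command line: BOOT_IMAGE=/vmlinuz lsm=landlock,lockdown,yama,integrity,apparmor
[    0.000000] LSM: initializing lsm=lockdown,capability,landlock,yama,integrity,apparmor
[    0.000000] landlock: Up and running.'

# Same boot parameter, but a kernel whose LSM initialization did not include
# Landlock: the echoed command line still mentions "landlock", so grepping
# for the word alone gives a false positive.
LOG_MISSING='[    0.000000] Kernel command line: BOOT_IMAGE=/vmlinuz lsm=landlock,lockdown,yama,integrity,apparmor
[    0.000000] LSM: initializing lsm=lockdown,capability,yama,integrity,apparmor'

# lsm_initialized LOG: print the comma-separated list from the
# "LSM: initializing lsm=" line, i.e. what the kernel actually enabled
# (the "Command line:" lines only echo the boot parameter).
lsm_initialized() {
    printf '%s\n' "$1" | sed -n 's/.*LSM: initializing lsm=\([^ ]*\).*/\1/p'
}

# lsm_active LOG NAME: succeed if NAME appears in the initialized list.
lsm_active() {
    lsm_initialized "$1" | tr ',' '\n' | grep -qx "$2"
}

# landlock_status LOG: print one of
#   running      - "landlock: Up and running." was logged
#   initialized  - listed by LSM init, but no "Up and running" line seen
#   absent       - not in the initialized LSM list at all
landlock_status() {
    if printf '%s\n' "$1" | grep -q 'landlock: Up and running\.'; then
        echo running
    elif lsm_active "$1" landlock; then
        echo initialized
    else
        echo absent
    fi
}

# Stand-alone use: read the live kernel log (falling back to journald, as
# the documentation does) and classify it.
if [ "${1:-}" = --live ]; then
    landlock_status "$(dmesg 2>/dev/null || journalctl -kb)"
fi
```

Run with `--live` on a booted system to classify the real log; without arguments the script only defines the functions over the constructed samples.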