Re: [PATCH V34 00/29] Lockdown as an LSM

[PATCH V34 00/29] Lockdown as an LSM · Matthew Garrett <hidden> · 2019-06-22
[PATCH V34 01/29] security: Support early LSMs · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 01/29] security: Support early LSMs · Kees Cook <hidden> · 2019-06-22
[PATCH V34 02/29] security: Add a "locked down" LSM hook · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 02/29] security: Add a "locked down" LSM hook · Kees Cook <hidden> · 2019-06-22
[PATCH V34 03/29] security: Add a static lockdown policy LSM · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 03/29] security: Add a static lockdown policy LSM · Kees Cook <hidden> · 2019-06-22
[PATCH V34 04/29] Enforce module signatures if the kernel is locked down · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 04/29] Enforce module signatures if the kernel is locked down · Kees Cook <hidden> · 2019-06-22
[PATCH V34 05/29] Restrict /dev/{mem,kmem,port} when the kernel is locked down · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 05/29] Restrict /dev/{mem,kmem,port} when the kernel is locked down · Kees Cook <hidden> · 2019-06-22
[PATCH V34 06/29] kexec_load: Disable at runtime if the kernel is locked down · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 06/29] kexec_load: Disable at runtime if the kernel is locked down · Kees Cook <hidden> · 2019-06-22
[PATCH V34 07/29] Copy secure_boot flag in boot params across kexec reboot · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 07/29] Copy secure_boot flag in boot params across kexec reboot · Kees Cook <hidden> · 2019-06-22
[PATCH V34 08/29] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 08/29] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE · Dave Young <hidden> · 2019-06-24
Re: [PATCH V34 08/29] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE · Dave Young <hidden> · 2019-06-25
[PATCH V34 10/29] hibernate: Disable when the kernel is locked down · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 10/29] hibernate: Disable when the kernel is locked down · Pavel Machek <hidden> · 2019-06-22
Re: [PATCH V34 10/29] hibernate: Disable when the kernel is locked down · Jiri Kosina <jikos@kernel.org> · 2019-06-24
Re: [PATCH V34 10/29] hibernate: Disable when the kernel is locked down · Joey Lee <JLee@suse.com> · 2019-07-10
Re: [PATCH V34 10/29] hibernate: Disable when the kernel is locked down · joeyli <hidden> · 2019-07-11
Re: [PATCH V34 10/29] hibernate: Disable when the kernel is locked down · Kees Cook <hidden> · 2019-06-22
[PATCH V34 11/29] PCI: Lock down BAR access when the kernel is locked down · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 11/29] PCI: Lock down BAR access when the kernel is locked down · Kees Cook <hidden> · 2019-06-22
[PATCH V34 12/29] x86: Lock down IO port access when the kernel is locked down · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 12/29] x86: Lock down IO port access when the kernel is locked down · Kees Cook <hidden> · 2019-06-22
[PATCH V34 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 15/29] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down · Kees Cook <hidden> · 2019-06-22
[PATCH V34 17/29] Prohibit PCMCIA CIS storage when the kernel is locked down · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 17/29] Prohibit PCMCIA CIS storage when the kernel is locked down · Kees Cook <hidden> · 2019-06-23
[PATCH V34 18/29] Lock down TIOCSSERIAL · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 18/29] Lock down TIOCSSERIAL · Kees Cook <hidden> · 2019-06-23
[PATCH V34 20/29] x86/mmiotrace: Lock down the testmmiotrace module · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 20/29] x86/mmiotrace: Lock down the testmmiotrace module · Kees Cook <hidden> · 2019-06-23
Re: [PATCH V34 20/29] x86/mmiotrace: Lock down the testmmiotrace module · Thomas Gleixner <hidden> · 2019-06-23
[PATCH V34 21/29] Lock down /proc/kcore · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 21/29] Lock down /proc/kcore · Kees Cook <hidden> · 2019-06-23
[PATCH V34 24/29] Lock down perf when in confidentiality mode · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 24/29] Lock down perf when in confidentiality mode · Kees Cook <hidden> · 2019-06-23
[PATCH V34 27/29] tracefs: Restrict tracefs when the kernel is locked down · Matthew Garrett <hidden> · 2019-06-22
[PATCH V34 28/29] efi: Restrict efivar_ssdt_load when the kernel is locked down · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 28/29] efi: Restrict efivar_ssdt_load when the kernel is locked down · Kees Cook <hidden> · 2019-06-23
Re: [PATCH V34 28/29] efi: Restrict efivar_ssdt_load when the kernel is locked down · Ard Biesheuvel <hidden> · 2019-06-25
[PATCH V34 29/29] lockdown: Print current->comm in restriction messages · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 29/29] lockdown: Print current->comm in restriction messages · Kees Cook <hidden> · 2019-06-23
[PATCH V34 26/29] debugfs: Restrict debugfs when the kernel is locked down · Matthew Garrett <hidden> · 2019-06-22
[PATCH V34 25/29] kexec: Allow kexec_file() with appropriate IMA policy when locked down · Matthew Garrett <hidden> · 2019-06-22
[PATCH V34 23/29] bpf: Restrict bpf when kernel lockdown is in confidentiality mode · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 23/29] bpf: Restrict bpf when kernel lockdown is in confidentiality mode · Kees Cook <hidden> · 2019-06-23
Re: [PATCH V34 23/29] bpf: Restrict bpf when kernel lockdown is in confidentiality mode · Daniel Borkmann <daniel@iogearbox.net> · 2019-06-24
Re: [PATCH V34 23/29] bpf: Restrict bpf when kernel lockdown is in confidentiality mode · Matthew Garrett <hidden> · 2019-06-24
Re: [PATCH V34 23/29] bpf: Restrict bpf when kernel lockdown is in confidentiality mode · Andy Lutomirski <luto@kernel.org> · 2019-06-24
Re: [PATCH V34 23/29] bpf: Restrict bpf when kernel lockdown is in confidentiality mode · Matthew Garrett <hidden> · 2019-06-24
Re: [PATCH V34 23/29] bpf: Restrict bpf when kernel lockdown is in confidentiality mode · Daniel Borkmann <daniel@iogearbox.net> · 2019-06-24
Re: [PATCH V34 23/29] bpf: Restrict bpf when kernel lockdown is in confidentiality mode · Matthew Garrett <hidden> · 2019-06-24
[PATCH V34 22/29] Lock down tracing and perf kprobes when in confidentiality mode · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 22/29] Lock down tracing and perf kprobes when in confidentiality mode · Kees Cook <hidden> · 2019-06-23
Re: [PATCH V34 22/29] Lock down tracing and perf kprobes when in confidentiality mode · Masami Hiramatsu <mhiramat@kernel.org> · 2019-06-23
[PATCH V34 19/29] Lock down module params that specify hardware parameters (eg. ioport) · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 19/29] Lock down module params that specify hardware parameters (eg. ioport) · Kees Cook <hidden> · 2019-06-23
Re: [PATCH V34 19/29] Lock down module params that specify hardware parameters (eg. ioport) · Daniel Axtens <hidden> · 2019-06-27
Re: [PATCH V34 19/29] Lock down module params that specify hardware parameters (eg. ioport) · Matthew Garrett <hidden> · 2019-06-27
[PATCH V34 16/29] acpi: Disable ACPI table override if the kernel is locked down · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 16/29] acpi: Disable ACPI table override if the kernel is locked down · Kees Cook <hidden> · 2019-06-23
[PATCH V34 13/29] x86/msr: Restrict MSR access when the kernel is locked down · Matthew Garrett <hidden> · 2019-06-22
[PATCH V34 14/29] ACPI: Limit access to custom_method when the kernel is locked down · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 14/29] ACPI: Limit access to custom_method when the kernel is locked down · Kees Cook <hidden> · 2019-06-22
[PATCH V34 09/29] kexec_file: Restrict at runtime if the kernel is locked down · Matthew Garrett <hidden> · 2019-06-22
Re: [PATCH V34 09/29] kexec_file: Restrict at runtime if the kernel is locked down · Kees Cook <hidden> · 2019-06-22
Re: [PATCH V34 09/29] kexec_file: Restrict at runtime if the kernel is locked down · James Morris <jmorris@namei.org> · 2019-06-27
Re: [PATCH V34 09/29] kexec_file: Restrict at runtime if the kernel is locked down · Matthew Garrett <hidden> · 2019-06-27
Re: [PATCH V34 09/29] kexec_file: Restrict at runtime if the kernel is locked down · James Morris <jmorris@namei.org> · 2019-06-27
Re: [PATCH V34 09/29] kexec_file: Restrict at runtime if the kernel is locked down · Matthew Garrett <hidden> · 2019-06-27
Re: [PATCH V34 00/29] Lockdown as an LSM · James Morris <jmorris@namei.org> · 2019-06-24
Re: [PATCH V34 00/29] Lockdown as an LSM · Casey Schaufler <casey@schaufler-ca.com> · 2019-06-24
Re: [PATCH V34 00/29] Lockdown as an LSM · Matthew Garrett <hidden> · 2019-06-24
Re: [PATCH V34 00/29] Lockdown as an LSM · James Morris <jmorris@namei.org> · 2019-06-25
Re: [PATCH V34 00/29] Lockdown as an LSM · John Johansen <john.johansen@canonical.com> · 2019-06-25

From: James Morris <jmorris@namei.org>
Date: 2019-06-24 23:01:56
Also in: linux-security-module, lkml

On Fri, 21 Jun 2019, Matthew Garrett wrote:

Minor updates over V33 - security_is_locked_down renamed to
security_locked_down, return value of security_locked_down is returned
in most cases, one unnecessary patch was dropped, couple of minor nits
fixed.

Thanks for the respin.

We are still not resolved on granularity. Stephen has said he's not sure 
if a useful policy can be constructed with just confidentiality and 
integrity settings. I'd be interested to know JJ and Casey's thoughts on 
lockdown policy flexibility wrt their respective LSMs.

These are also "all or nothing" choices which may prevent deployment due 
to a user needing to allow (presumably controlled or mitigated) exceptions 
to the policy.



-- 
James Morris
[off-list ref]

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help