[PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock

[PATCH v2 00/10] LSM: Module stacking in support of S.A.R.A and Landlock · Casey Schaufler <casey@schaufler-ca.com> · 2018-09-11
[PATCH 06/10] LSM: Infrastructure management of the file security blob · Casey Schaufler <casey@schaufler-ca.com> · 2018-09-11
Re: [PATCH 06/10] LSM: Infrastructure management of the file security blob · Kees Cook <hidden> · 2018-09-13
[PATCH 07/10] SELinux: Abstract use of inode security blob · Casey Schaufler <casey@schaufler-ca.com> · 2018-09-11
Re: [PATCH 07/10] SELinux: Abstract use of inode security blob · Kees Cook <hidden> · 2018-09-13
[PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Casey Schaufler <casey@schaufler-ca.com> · 2018-09-11
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Kees Cook <hidden> · 2018-09-13
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Paul Moore <paul@paul-moore.com> · 2018-09-13
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Kees Cook <hidden> · 2018-09-13
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Paul Moore <paul@paul-moore.com> · 2018-09-14
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Kees Cook <hidden> · 2018-09-14
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Paul Moore <paul@paul-moore.com> · 2018-09-14
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Kees Cook <hidden> · 2018-09-14
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Kees Cook <hidden> · 2018-09-14
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · John Johansen <john.johansen@canonical.com> · 2018-09-14
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Kees Cook <hidden> · 2018-09-14
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Casey Schaufler <casey@schaufler-ca.com> · 2018-09-14
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Kees Cook <hidden> · 2018-09-14
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Casey Schaufler <casey@schaufler-ca.com> · 2018-09-14
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Kees Cook <hidden> · 2018-09-14
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Casey Schaufler <casey@schaufler-ca.com> · 2018-09-14
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Kees Cook <hidden> · 2018-09-14
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Casey Schaufler <casey@schaufler-ca.com> · 2018-09-14
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Kees Cook <hidden> · 2018-09-15
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Casey Schaufler <casey@schaufler-ca.com> · 2018-09-15
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · James Morris <jmorris@namei.org> · 2018-09-14
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · John Johansen <john.johansen@canonical.com> · 2018-09-14
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Kees Cook <hidden> · 2018-09-14
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Paul Moore <paul@paul-moore.com> · 2018-09-14
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Jordan Glover <hidden> · 2018-09-14
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Paul Moore <paul@paul-moore.com> · 2018-09-14
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Jordan Glover <hidden> · 2018-09-14
Re: [PATCH 10/10] LSM: Blob sharing support for S.A.R.A and LandLock · Casey Schaufler <casey@schaufler-ca.com> · 2018-09-14
[PATCH 01/10] procfs: add smack subdir to attrs · Casey Schaufler <casey@schaufler-ca.com> · 2018-09-11
Re: [PATCH 01/10] procfs: add smack subdir to attrs · Ahmed S. Darwish <hidden> · 2018-09-11
Re: [PATCH 01/10] procfs: add smack subdir to attrs · Casey Schaufler <casey@schaufler-ca.com> · 2018-09-12
Re: [PATCH 01/10] procfs: add smack subdir to attrs · Kees Cook <hidden> · 2018-09-13
[PATCH 02/10] Smack: Abstract use of cred security blob · Casey Schaufler <casey@schaufler-ca.com> · 2018-09-11
Re: [PATCH 02/10] Smack: Abstract use of cred security blob · Kees Cook <hidden> · 2018-09-13
[PATCH 03/10] SELinux: Abstract use of cred security blob · Casey Schaufler <casey@schaufler-ca.com> · 2018-09-11
Re: [PATCH 03/10] SELinux: Abstract use of cred security blob · Kees Cook <hidden> · 2018-09-13
[PATCH 04/10] LSM: Infrastructure management of the cred security blob · Casey Schaufler <casey@schaufler-ca.com> · 2018-09-11
Re: [PATCH 04/10] LSM: Infrastructure management of the cred security blob · Kees Cook <hidden> · 2018-09-13
Re: [PATCH 04/10] LSM: Infrastructure management of the cred security blob · Casey Schaufler <casey@schaufler-ca.com> · 2018-09-14
Re: [PATCH 04/10] LSM: Infrastructure management of the cred security blob · Kees Cook <hidden> · 2018-09-14
[PATCH 05/10] SELinux: Abstract use of file security blob · Casey Schaufler <casey@schaufler-ca.com> · 2018-09-11
Re: [PATCH 05/10] SELinux: Abstract use of file security blob · Kees Cook <hidden> · 2018-09-13
[PATCH 08/10] Smack: Abstract use of inode security blob · Casey Schaufler <casey@schaufler-ca.com> · 2018-09-11
Re: [PATCH 08/10] Smack: Abstract use of inode security blob · Kees Cook <hidden> · 2018-09-13
[PATCH 09/10] LSM: Infrastructure management of the inode security · Casey Schaufler <casey@schaufler-ca.com> · 2018-09-11
Re: [PATCH 09/10] LSM: Infrastructure management of the inode security · Kees Cook <hidden> · 2018-09-13
Re: [PATCH v2 00/10] LSM: Module stacking in support of S.A.R.A and Landlock · James Morris <jmorris@namei.org> · 2018-09-12
Re: [PATCH v2 00/10] LSM: Module stacking in support of S.A.R.A and Landlock · James Morris <jmorris@namei.org> · 2018-09-13
Re: [PATCH v2 00/10] LSM: Module stacking in support of S.A.R.A and Landlock · Salvatore Mesoraca <hidden> · 2018-09-16
Re: [PATCH v2 00/10] LSM: Module stacking in support of S.A.R.A and Landlock · Casey Schaufler <casey@schaufler-ca.com> · 2018-09-16
Re: [PATCH v2 00/10] LSM: Module stacking in support of S.A.R.A and Landlock · Salvatore Mesoraca <hidden> · 2018-09-16

From: Kees Cook <hidden>
Date: 2018-09-14 05:18:06
Also in: linux-fsdevel, lkml, selinux

On Thu, Sep 13, 2018 at 5:03 PM, Casey Schaufler [off-list ref] wrote:

On 9/13/2018 4:51 PM, Kees Cook wrote:

quoted

So, before we can really make a decision, I think we have to decide:
should ordering be arbitrary for even this level of stacking?

Do we have a case where it matters? I know that I could write a
module that would have issues if one hook got called and another
didn't because because a precursor module hook failed. I don't
think that any of the existing modules have this problem.

FWIW, I prefer having explicit ordering that cannot be changed at
runtime. I'm just concerned about painting ourselves (further) into a
corner with security= suddenly gaining ordering semantics, but maybe I
can just ignore this and we can point and laugh at anyone who gets
burned by some future change to making it order-sensitive. :)

-Kees

-- 
Kees Cook
Pixel Security

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help