Re: [PATCH v15 01/11] LSM: Identify modules by more than name

(off-list ancestor, not in this archive)
[PATCH v15 00/11] LSM: Three basic syscalls · Casey Schaufler <casey@schaufler-ca.com> · 2023-09-12
[PATCH v15 01/11] LSM: Identify modules by more than name · Casey Schaufler <casey@schaufler-ca.com> · 2023-09-12
Re: [PATCH v15 01/11] LSM: Identify modules by more than name · Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> · 2023-09-15
Re: [PATCH v15 01/11] LSM: Identify modules by more than name · Casey Schaufler <casey@schaufler-ca.com> · 2023-09-15
Re: [PATCH v15 01/11] LSM: Identify modules by more than name · Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> · 2023-09-16
Re: [PATCH v15 01/11] LSM: Identify modules by more than name · Casey Schaufler <casey@schaufler-ca.com> · 2023-09-17
Re: [PATCH v15 01/11] LSM: Identify modules by more than name · Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> · 2023-09-20
Re: [PATCH v15 01/11] LSM: Identify modules by more than name · Kees Cook <hidden> · 2023-09-20
Re: [PATCH v15 01/11] LSM: Identify modules by more than name · Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> · 2023-09-23
Re: [PATCH v15 01/11] LSM: Identify modules by more than name · Kees Cook <hidden> · 2023-09-24
Re: [PATCH v15 01/11] LSM: Identify modules by more than name · Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> · 2023-09-24
Re: [PATCH v15 01/11] LSM: Identify modules by more than name · Kees Cook <kees@kernel.org> · 2023-09-24
Re: [PATCH v15 01/11] LSM: Identify modules by more than name · Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> · 2023-10-05
Re: [PATCH v15 01/11] LSM: Identify modules by more than name · Casey Schaufler <casey@schaufler-ca.com> · 2023-10-20
Re: [PATCH v15 01/11] LSM: Identify modules by more than name · Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> · 2023-10-21
Re: [PATCH v15 01/11] LSM: Identify modules by more than name · Casey Schaufler <casey@schaufler-ca.com> · 2023-10-21
Re: [PATCH v15 01/11] LSM: Identify modules by more than name · Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> · 2023-10-29
Re: [PATCH v15 01/11] LSM: Identify modules by more than name · Casey Schaufler <casey@schaufler-ca.com> · 2023-10-29
[PATCH v15 02/11] LSM: Maintain a table of LSM attribute data · Casey Schaufler <casey@schaufler-ca.com> · 2023-09-12
[PATCH v15 03/11] proc: Use lsmids instead of lsm names for attrs · Casey Schaufler <casey@schaufler-ca.com> · 2023-09-12
[PATCH v15 04/11] LSM: syscalls for current process attributes · Casey Schaufler <casey@schaufler-ca.com> · 2023-09-12
Re: [PATCH v15 04/11] LSM: syscalls for current process attributes · Mickaël Salaün <mic@digikod.net> · 2023-10-03
Re: [PATCH v15 04/11] LSM: syscalls for current process attributes · Paul Moore <paul@paul-moore.com> · 2023-10-06
Re: [PATCH v15 04/11] LSM: syscalls for current process attributes · Mickaël Salaün <mic@digikod.net> · 2023-10-09
Re: [PATCH v15 04/11] LSM: syscalls for current process attributes · Paul Moore <paul@paul-moore.com> · 2023-10-09
Re: [PATCH v15 04/11] LSM: syscalls for current process attributes · Mickaël Salaün <mic@digikod.net> · 2023-10-10
Re: [PATCH v15 04/11] LSM: syscalls for current process attributes · Paul Moore <paul@paul-moore.com> · 2023-10-10
[PATCH v15 05/11] LSM: Create lsm_list_modules system call · Casey Schaufler <casey@schaufler-ca.com> · 2023-09-12
Re: [PATCH v15 05/11] LSM: Create lsm_list_modules system call · Mickaël Salaün <mic@digikod.net> · 2023-10-03
Re: [PATCH v15 05/11] LSM: Create lsm_list_modules system call · Dmitry V. Levin <hidden> · 2024-03-12
Re: [PATCH v15 05/11] LSM: Create lsm_list_modules system call · Paul Moore <paul@paul-moore.com> · 2024-03-12
Re: [PATCH v15 05/11] LSM: Create lsm_list_modules system call · Casey Schaufler <casey@schaufler-ca.com> · 2024-03-12
Re: [PATCH v15 05/11] LSM: Create lsm_list_modules system call · Paul Moore <paul@paul-moore.com> · 2024-03-12
Re: [PATCH v15 05/11] LSM: Create lsm_list_modules system call · Casey Schaufler <casey@schaufler-ca.com> · 2024-03-12
Re: [PATCH v15 05/11] LSM: Create lsm_list_modules system call · Paul Moore <paul@paul-moore.com> · 2024-03-12
Re: [PATCH v15 05/11] LSM: Create lsm_list_modules system call · Dmitry V. Levin <hidden> · 2024-03-12
Re: [PATCH v15 05/11] LSM: Create lsm_list_modules system call · Kees Cook <hidden> · 2024-03-12
Re: [PATCH v15 05/11] LSM: Create lsm_list_modules system call · Casey Schaufler <casey@schaufler-ca.com> · 2024-03-12
Re: [PATCH v15 05/11] LSM: Create lsm_list_modules system call · Paul Moore <paul@paul-moore.com> · 2024-03-12
Re: [PATCH v15 05/11] LSM: Create lsm_list_modules system call · Casey Schaufler <casey@schaufler-ca.com> · 2024-03-12
Re: [PATCH v15 05/11] LSM: Create lsm_list_modules system call · Paul Moore <paul@paul-moore.com> · 2024-03-12
[PATCH v15 07/11] LSM: Helpers for attribute names and filling lsm_ctx · Casey Schaufler <casey@schaufler-ca.com> · 2023-09-12
Re: [PATCH v15 07/11] LSM: Helpers for attribute names and filling lsm_ctx · Mickaël Salaün <mic@digikod.net> · 2023-10-03
[PATCH v15 06/11] LSM: wireup Linux Security Module syscalls · Casey Schaufler <casey@schaufler-ca.com> · 2023-09-12
Re: [PATCH v15 06/11] LSM: wireup Linux Security Module syscalls · Mickaël Salaün <mic@digikod.net> · 2023-10-03
[PATCH v15 08/11] Smack: implement setselfattr and getselfattr hooks · Casey Schaufler <casey@schaufler-ca.com> · 2023-09-12
Re: [PATCH v15 08/11] Smack: implement setselfattr and getselfattr hooks · Mickaël Salaün <mic@digikod.net> · 2023-10-03
Re: [PATCH v15 08/11] Smack: implement setselfattr and getselfattr hooks · Casey Schaufler <casey@schaufler-ca.com> · 2023-10-20
Re: [PATCH v15 08/11] Smack: implement setselfattr and getselfattr hooks · Casey Schaufler <casey@schaufler-ca.com> · 2023-10-20
[PATCH v15 09/11] AppArmor: Add selfattr hooks · Casey Schaufler <casey@schaufler-ca.com> · 2023-09-12
[PATCH v15 11/11] LSM: selftests for Linux Security Module syscalls · Casey Schaufler <casey@schaufler-ca.com> · 2023-09-12
Re: [PATCH v15 11/11] LSM: selftests for Linux Security Module syscalls · Mickaël Salaün <mic@digikod.net> · 2023-10-03
[PATCH v15 10/11] SELinux: Add selfattr hooks · Casey Schaufler <casey@schaufler-ca.com> · 2023-09-12
Re: [PATCH v15 00/11] LSM: Three basic syscalls · Paul Moore <paul@paul-moore.com> · 2023-10-12
Re: [PATCH v15 00/11] LSM: Three basic syscalls · Paul Moore <paul@paul-moore.com> · 2023-10-13
Re: [PATCH v15 00/11] LSM: Three basic syscalls · Roberto Sassu <hidden> · 2023-10-16
Re: [PATCH v15 00/11] LSM: Three basic syscalls · Paul Moore <paul@paul-moore.com> · 2023-10-16
Re: [PATCH v15 00/11] LSM: Three basic syscalls · Roberto Sassu <hidden> · 2023-10-17
Re: [PATCH v15 00/11] LSM: Three basic syscalls · Paul Moore <paul@paul-moore.com> · 2023-10-17
Re: [PATCH v15 00/11] LSM: Three basic syscalls · Roberto Sassu <hidden> · 2023-10-17
Re: [PATCH v15 00/11] LSM: Three basic syscalls · Roberto Sassu <hidden> · 2023-10-18
Re: [PATCH v15 00/11] LSM: Three basic syscalls · Mimi Zohar <zohar@linux.ibm.com> · 2023-10-18
Re: [PATCH v15 00/11] LSM: Three basic syscalls · Roberto Sassu <hidden> · 2023-10-18
Re: [PATCH v15 00/11] LSM: Three basic syscalls · Paul Moore <paul@paul-moore.com> · 2023-10-18
Re: [PATCH v15 00/11] LSM: Three basic syscalls · Mimi Zohar <zohar@linux.ibm.com> · 2023-10-18
Re: [PATCH v15 00/11] LSM: Three basic syscalls · Paul Moore <paul@paul-moore.com> · 2023-10-18
Re: [PATCH v15 00/11] LSM: Three basic syscalls · Roberto Sassu <hidden> · 2023-10-19
Re: [PATCH v15 00/11] LSM: Three basic syscalls · Casey Schaufler <casey@schaufler-ca.com> · 2023-10-20
Re: [PATCH v15 00/11] LSM: Three basic syscalls · Roberto Sassu <hidden> · 2023-10-19
Re: [PATCH v15 00/11] LSM: Three basic syscalls · Paul Moore <paul@paul-moore.com> · 2023-11-13

From: Casey Schaufler <casey@schaufler-ca.com>
Date: 2023-10-20 19:53:04
Also in: linux-api, lkml

On 10/5/2023 5:58 AM, Tetsuo Handa wrote:

On 2023/09/13 5:56, Casey Schaufler wrote:

quoted

Create a struct lsm_id to contain identifying information about Linux
Security Modules (LSMs). At inception this contains the name of the
module and an identifier associated with the security module.  Change
the security_add_hooks() interface to use this structure.  Change the
individual modules to maintain their own struct lsm_id and pass it to
security_add_hooks().

I came to worry about what purpose does the LSM ID value (or more precisely,
"struct lsm_id") is used for. If the LSM ID value is used for only switch
{reading,writing} /proc/self/attr/ of specific LSM module's information, only
LSM modules that use /proc/self/attr/ will need the LSM ID value.

But this series uses "struct lsm_id" as one of arguments for security_add_hooks(),
and might be reused for different purposes.

Then, BPF-based LSMs (which are not considered as in-tree LSM modules, for
only BPF hook is considered as in-tree LSM module) might receive unfavorable
treatment than non BPF-based LSMs? 

[PATCH v15 05/11] says

  Create a system call to report the list of Linux Security Modules
  that are active on the system. The list is provided as an array
  of LSM ID numbers.
  
  The calling application can use this list determine what LSM
  specific actions it might take. That might include choosing an
  output format, determining required privilege or bypassing
  security module specific behavior.

but, at least, name of BPF-based LSMs won't be shown up in lsm_list_modules()
compared to non BPF-based LSMs? Then, the calling application can't use this
list determine what BPF-based LSM specific actions it might take?

That is correct. Just as knowing that your system is using SELinux won't
tell you whether a specific action might be permitted because that's driven
by the loaded policy, so too knowing that your system is using BPF won't
tell you whether a specific action might be permitted because that's driven
by the eBPF programs in place.

I wish we could stop people from saying "BPF-based LSM". BPF is the LSM. The
eBPF programs that implement a "policy" are NOT a LSM. There needs to be a
name for that, but LSM  is  not  it.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help