Repair length logic in subject label processing (patch 0015) I will correct as appropriate]Ĭhange the BPF security module to use the lsmblob data. [I'm not sure I've given properĪttestation. Records patch (patch 0019-0021) in place of my "supplimental" Incorporate Richard Guy Briggs' non-syscall auxiliary Requiring data here is still a future problem. The possibility of multiple security modules The interfaces that use lsmblobs and store only a single Further revert UDS SO_PEERSEC to use scaffolding around Include more maintainers and mail lists in To: and Cc: directives. The interfaces are added rather than at the end. Introduce LSM documentation updates with the patches where Change /proc/*/attr/display to /proc/*/attr/interface_lsm to Subject context records that had been missed in the Pick up a few audit events that need to include supplimental Pull LSM "slot" identification from later audit patches in IMA rules when multiple LSMs are present. Provide a boot option to specify which LSM will be used in "unconfined" as that label is meaningful to both. Important to an integrity rule referrencing the label A system with Smack andĪppArmor would be unable to distinguish which LSM is Which of multiple LSMs is being targeted in the definition Address the IMA team's concerns about "label collisions".Ī label collision occurs when there is ambiguity about The IMA team suggested improvements to the integrity rule Security_task_getsecid_obj() and security_task_getsecid_subj(). Accomodate change from security_task_getsecid() to Simpler and reflects feedback from Paul Moore. Rework the subject audit record generation. Quote contexts in MAC_TASK_CONTEXTS and MAC_OBJ_CONTEXTSĪudit records because of AppArmor's use of '=' in context Provide IMA rules bounds checking (patch 04) This should be usable for other auxiliary data, such asĬontainer IDs. Generate the auxiliary records as needed on event end. AttachĪ list of supplimental data to the audit_buffer and Rework the supplimental audit record generation. Message, and use that in the compatibility decision. The binder hooks have been changed and are no longerĬalled with sufficient information to identify the Rules while IMA to restricts the information to a single Information about multiple security modules in audit This is done because audit needs to maintain Subsystem event matching functions with IMA specificįunctions. Replace the integrity sub-system reuse of the audit Incorporate feedback from Paul Moore on the audit Incorporate additional feedback from v30. The resulting code is considerably simpler and fits This time taking pseudo-code provided by Paul Moore as aīasis. Rework the supplimental audit record generation once more, Incorporate feedback on the audit generation. Returns -EINVAL, resulting in a failed setting of the Address the case in interface_lsm where the BPF module The resulting cid instances, although never No security modules that use secid slots are included. Address the case where CONFIG_SECURITY is enabled but Secids haveīeen replaced with lsmblob structures in all cases, including In the end no LSM interface scaffolding remains. Timestamp is managed allows auxiliary records to be generated Yet another rework of the audit changes. Address indexing an empty array for the case where noīuilt in security modules require data in struct lsmblob. Audit changes should be complete, all comments have been The format of data provided by lsm_self_attr() and the Add a user interface header uapi/linux/lsm.h which contains Patch set in support of the new system calls. Make more of the infrastructure data changes early in the That provides the values in /proc/./attr entries. Implement a pair of prctl() options PR_LSM_ATTR_SETĪnd PR_LSM_ATTR_GET. Implement a system call lsm_module_list() which providesĪ list of the security modules active on the system. Implement a system call lsm_self_attr() which providesĪ complete list of LSM process attributes. Discard the implementation of /proc/self/attr/display_lsm Discard the implementation of /proc/self/attr/context Will be addressed after these changes are upstream. These are primarily in the networking code and There are additional changes required for SELinux and Smack The AppArmor security module to stack safely with any other. This patchset provides the changes required for To: casey.schaufler, paul, linux-security-moduleĬc: casey, linux-audit, jmorris, selinux, keescook, john.johansen, ` (38 more replies) 0 siblings, 39 replies 68+ messages in threadįrom: Casey Schaufler 19:53 UTC ( / raw) 19:53 ` LSM: Identify modules by more than name Casey Schaufler LSM: Module stacking for AppArmor archive mirror help / color / mirror / Atom feed * LSM: Module stacking for AppArmor
0 Comments
Leave a Reply. |