Re: [kernel-hardening] [PATCH net-next v6 06/11] seccomp,landlock: Handle Landlock events per process hierarchy

From: Kees Cook
Date: Tue Apr 18 2017 - 18:55:01 EST


On Fri, Mar 31, 2017 at 2:15 PM, Mickaël Salaün <mic@xxxxxxxxxxx> wrote:
>
>
> On 29/03/2017 12:35, Djalal Harouni wrote:
>> On Wed, Mar 29, 2017 at 1:46 AM, Mickaël Salaün <mic@xxxxxxxxxxx> wrote:
>
>>> @@ -25,6 +30,9 @@ struct seccomp_filter;
>>> struct seccomp {
>>> int mode;
>>> struct seccomp_filter *filter;
>>> +#if defined(CONFIG_SECCOMP_FILTER) && defined(CONFIG_SECURITY_LANDLOCK)
>>> + struct landlock_events *landlock_events;
>>> +#endif /* CONFIG_SECCOMP_FILTER && CONFIG_SECURITY_LANDLOCK */
>>> };
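Review bot: the new `landlock_events` pointer in `struct seccomp` is compiled in only under `CONFIG_SECCOMP_FILTER && CONFIG_SECURITY_LANDLOCK`, so every site that reads or writes it must carry the same two-condition guard or go through a static inline accessor that compiles to a no-op when either option is off; a kernel-doc comment on the field stating who owns the pointer and when it is taken over and released (on fork, on filter attach, at task exit) would also help reviewers check the lifetime, since nothing in this hunk shows it.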
>>
>> Sorry if this was discussed before, but since this is meant to be a
>> stackable LSM, I'm wondering if later you could move the events from
>> seccomp, and go with a security_task_alloc() model [1] ?
>>
>> Thanks!
>>
>> [1] http://kernsec.org/pipermail/linux-security-module-archive/2017-March/000184.html
>>
>
> Landlock uses the seccomp syscall to attach a rule to a process, and using
> struct seccomp to store this rule makes sense. There is currently no way
> to store multiple task->security, which is needed for a stackable LSM
> like Landlock, but we could move the events there if needed in the future.

It does stand out to me that the only thing landlock is using seccomp
for is its syscall... :P

-Kees

--
Kees Cook
Pixel Security