Re: [PATCH] LSM: Reorder security_capset to do access checks properly

2016-06-01 Thread Casey Schaufler
On 6/1/2016 1:06 PM, Stephen Smalley wrote: > On 06/01/2016 03:27 PM, Casey Schaufler wrote: >> Subject: [PATCH] LSM: Reorder security_capset to do access checks properly >> >> The security module hooks that check whether a process should >> be able to set a new capset

[PATCH] LSM: Reorder security_capset to do access checks properly

2016-06-01 Thread Casey Schaufler
adds cap_capset to the module list. Instead, it is invoked directly by the LSM infrastructure. This isn't an approach that generalizes well. Signed-off-by: Casey Schaufler <ca...@schaufler-ca.com> --- security/commoncap.c | 2 +- security/security.c | 24 ++-- 2 files c

Re: [RFC PATCH 0/2] selinux: avoid nf hooks overhead when not needed

2016-04-15 Thread Casey Schaufler
On 4/15/2016 2:38 AM, Paolo Abeni wrote: > On Thu, 2016-04-14 at 18:53 -0400, Paul Moore wrote: >> On Tue, Apr 12, 2016 at 4:52 AM, Paolo Abeni wrote: >>> Will be ok if we post a v2 version of this series, removing the hooks >>> de-registration bits, but preserving the selinux

Re: [RFC PATCH 0/2] selinux: avoid nf hooks overhead when not needed

2016-04-13 Thread Casey Schaufler
On 4/13/2016 4:57 AM, Paolo Abeni wrote: > On Tue, 2016-04-12 at 06:57 -0700, Casey Schaufler wrote: >> On 4/12/2016 1:52 AM, Paolo Abeni wrote: >>> On Thu, 2016-04-07 at 14:55 -0400, Paul Moore wrote: >>>> On Thursday, April 07, 2016 01:45:32 AM Florian Westphal wrot

Re: [RFC PATCH v2 04/13] selinux: Allocate and free infiniband security hooks

2016-04-11 Thread Casey Schaufler
On 4/6/2016 4:33 PM, Dan Jurgens wrote: > From: Daniel Jurgens > > Implement and attach hooks to allocate and free Infiniband QP and MAD > agent security structures. > > Signed-off-by: Daniel Jurgens > Reviewed-by: Eli Cohen > --- >

Re: Exposing secid to secctx mapping to user-space

2015-12-15 Thread Casey Schaufler
On 12/15/2015 8:55 AM, Stephen Smalley wrote: > On 12/15/2015 11:06 AM, Casey Schaufler wrote: >> On 12/15/2015 7:00 AM, Stephen Smalley wrote: >>> On 12/14/2015 05:57 PM, Roberts, William C wrote: >>>> >>>>>> >>>>>> If I understa

Re: Exposing secid to secctx mapping to user-space

2015-12-14 Thread Casey Schaufler
On 12/11/2015 2:14 PM, Stephen Smalley wrote: > On 12/11/2015 02:55 PM, Paul Moore wrote: >> On Fri, Dec 11, 2015 at 1:37 PM, Daniel Cashman wrote: >>> Hello, >>> >>> I would like to write a patch that would expose, via selinuxfs, the >>> mapping between secids in the kernel

Re: Exposing secid to secctx mapping to user-space

2015-12-14 Thread Casey Schaufler
ecurity context string for export to userspace that could be embedded >>> in the binder transaction structure? This could avoid both the >>> limitations of the current secid (e.g. limited to 32 bits, no >>> stackability) and the overhead of copying context strings on

Re: Exposing secid to secctx mapping to user-space

2015-12-14 Thread Casey Schaufler
transaction structure? This could avoid both the >> limitations of the current secid (e.g. limited to 32 bits, no >> stackability) and the overhead of copying context strings on every IPC. > On Friday, December 11, 2015 04:24:48 PM Casey Schaufler wrote: >> How about this: Provide

Re: Exposing secid to secctx mapping to user-space

2015-12-11 Thread Casey Schaufler
On 12/11/2015 10:37 AM, Daniel Cashman wrote: > Hello, > > I would like to write a patch that would expose, via selinuxfs, the > mapping between secids in the kernel and security contexts to > user-space, but before doing so wanted to get some feedback as to > whether or not such an endeavor could

Re: [PATCH v3 7/7] Smack: Handle labels consistently in untrusted mounts

2015-11-17 Thread Casey Schaufler
-by: Seth Forshee <seth.fors...@canonical.com> Acked-by: Casey Schaufler <ca...@schaufler-ca.com> --- security/smack/smack_lsm.c | 29 +++-- 1 file changed, 19 insertions(+), 10 deletions(-) diff --git a/security/smack/smack_lsm.c b/security/smack/smack

Re: [PATCH v4 09/11] smack: namespace groundwork

2015-10-30 Thread Casey Schaufler
paced labels and Smack namespaces but the behaviour of Smack > should not be changed. The APIs are there, but they have no impact yet. > > Signed-off-by: Lukasz Pawelczyk <l.pawelc...@samsung.com> > Reviewed-by: Casey Schaufler <ca...@schaufler-ca.com> Acked-by: Casey Schauf

Re: [PATCH v4 07/11] smack: abstraction layer for 2 common Smack operations

2015-10-30 Thread Casey Schaufler
Pawelczyk <l.pawelc...@samsung.com> > Reviewed-by: Casey Schaufler <ca...@schaufler-ca.com> Acked-by: Casey Schaufler <ca...@schaufler-ca.com> > --- > security/smack/smack.h| 2 + > security/smack/smack_access.c | 41 > securit

Re: [PATCH v4 11/11] smack: documentation for the Smack namespace

2015-10-30 Thread Casey Schaufler
On 10/14/2015 5:42 AM, Lukasz Pawelczyk wrote: > Adds Documentation/smack-namespace.txt. > > Signed-off-by: Lukasz Pawelczyk <l.pawelc...@samsung.com> > Reviewed-by: Casey Schaufler <ca...@schaufler-ca.com> Acked-by: Casey Schaufler <ca...@schaufler-ca.com> >

Re: [PATCH v4 10/11] smack: namespace implementation

2015-10-30 Thread Casey Schaufler
t; The capabilities (CAP_MAC_ADMIN, CAP_MAC_OVERRIDE) has been allowed in > the namespace for few cases. Check the documentation for the details. > > Signed-off-by: Lukasz Pawelczyk <l.pawelc...@samsung.com> > Reviewed-by: Casey Schaufler <ca...@schaufler-ca.com> Acked-by: Casey Schaufler

Re: [PATCH v4 06/11] smack: don't use implicit star to display smackfs/syslog

2015-10-30 Thread Casey Schaufler
e an access, even thought reading the smackfs/syslog > returned the same result in both cases. > > Signed-off-by: Lukasz Pawelczyk <l.pawelc...@samsung.com> > Acked-by: Serge Hallyn <serge.hal...@canonical.com> Acked-by: Casey Schauf

Re: [PATCH v4 02/11] lsm: /proc/$PID/attr/label_map file and getprocattr_seq hook

2015-10-30 Thread Casey Schaufler
by seq operations. > > See the documentation in the patch below for the details about how to > use the hook. > > Signed-off-by: Lukasz Pawelczyk <l.pawelc...@samsung.com> > Acked-by: Serge Hallyn <serge.hal...@canonical.com> Acked-by: Casey Schaufler <ca...@

Re: [PATCH v4 03/11] lsm: add file opener's cred to a setprocattr arguments

2015-10-30 Thread Casey Schaufler
-by: Lukasz Pawelczyk <l.pawelc...@samsung.com> > Acked-by: Serge Hallyn <serge.hal...@canonical.com> Acked-by: Casey Schaufler <ca...@schaufler-ca.com> > --- > fs/proc/base.c | 2 +- > include/linux/lsm_hooks.h | 18 -- > include/linu

Re: [PATCH v4 04/11] lsm: inode_pre_setxattr hook

2015-10-30 Thread Casey Schaufler
ck namespace patches. > > Signed-off-by: Lukasz Pawelczyk <l.pawelc...@samsung.com> > Acked-by: Serge Hallyn <serge.hal...@canonical.com> Acked-by: Casey Schaufler <ca...@schaufler-ca.com> > --- > fs/xattr.c| 10 ++ > include/linux/lsm_ho

Re: [PATCH v2 1/2] security: Add hook to invalidate inode security labels

2015-10-05 Thread Casey Schaufler
On 10/4/2015 12:19 PM, Andreas Gruenbacher wrote: > Add a hook to invalidate an inode's security label when the cached > information becomes invalid. Where is this used? If I need to do the same for Smack or any other module, how would I know that it works right? > > Implement the new hook in

Re: [PATCH v3 6/7] Smack: Add support for unprivileged mounts from user namespaces

2015-09-16 Thread Casey Schaufler
On 9/16/2015 1:02 PM, Seth Forshee wrote: > Security labels from unprivileged mounts cannot be trusted. > Ideally for these mounts we would assign the objects in the > filesystem the same label as the inode for the backing device > passed to mount. Unfortunately it's currently impossible to >

<    1   2   3   4