[PATCH v5 5/5] sidechannel: Linux Security Module for sidechannel
James Morris
jmorris at namei.org
Thu Sep 27 21:45:00 UTC 2018
On Wed, 26 Sep 2018, Casey Schaufler wrote:
> + /*
> + * Namespace checks. Considered safe if:
> + * cgroup namespace is the same
> + * User namespace is the same
> + * PID namespace is the same
> + */
> + if (current->nsproxy)
> + ccgn = current->nsproxy->cgroup_ns;
> + if (p->nsproxy)
> + pcgn = p->nsproxy->cgroup_ns;
> + if (ccgn != pcgn)
> + return -EACCES;
> + if (current->cred->user_ns != p->cred->user_ns)
> + return -EACCES;
> + if (task_active_pid_ns(current) != task_active_pid_ns(p))
> + return -EACCES;
> + return 0;
I really don't like the idea of hard-coding namespace security semantics
in an LSM. Also, I'm not sure if these semantics make any sense.
It least make it user configurable.
--
James Morris
<jmorris at namei.org>
More information about the Linux-security-module-archive
mailing list