New LSM hooks

Edwin Zimmerman edwin at 211mainstreet.net
Tue Feb 5 20:10:02 UTC 2019


On Tuesday, February 05, 2019 12:40 PM Casey Schaufler wrote:
> On 2/5/2019 10:28 AM, Edwin Zimmerman wrote:
> > On Tuesday, February 05, 2019 12:40 PM Casey Schaufler wrote:
> >...
> > Here's my suggestion for starters. According to kernel documentation, new
> > LSMs must be documented before being accepted.  Perhaps we need a
> > similar requirement for LSM hooks.
> 
> That would be handy. The documentation would need to cover
> the purpose for the hook and how a security module would be
> expected to use it.
> 
> > As I see it, LSMs are security additions,
> > not functionality patches for the rest of the kernel or for special hardware or
> > whatever.  Therefore, I also suggest that all new hooks be implemented in
> > at least two LSMs before being accepted.
> 
> I can't say this makes sense. The binder hooks are only
> useful for Android, and requiring Smack or AppArmor hooks
> be implemented isn't reasonable. It would be reasonable for
> the kernfs hook, as the kernfs hook is a workaround for the
> fact that kernfs doesn't use inodes.

You have a good point there.  I withdraw my "two LSMs" suggestion.
