[PATCH v7 0/5] Reduce overhead of LSMs with static calls

Tetsuo Handa penguin-kernel at I-love.SAKURA.ne.jp
Thu Nov 2 10:30:03 UTC 2023


On 2023/11/02 19:01, KP Singh wrote:
> On Thu, Nov 2, 2023 at 10:42 AM Tetsuo Handa
> <penguin-kernel at i-love.sakura.ne.jp> wrote:
>>
>> I didn't get your response on https://lkml.kernel.org/r/c588ca5d-c343-4ea2-a1f1-4efe67ebb8e3@I-love.SAKURA.ne.jp .
>>
>> Do you agree that we cannot replace LKM-based LSMs with eBPF-based access control mechanisms,
>> and do you admit that this series makes LKM-based LSMs more difficult to use?
> 
> If you want to do a proper in-tree version of dynamic LSMs. There can
> be an exported symbol that allocates a dynamic slot and registers LSM
> hooks to it. This is very doable, but it's not my use case so, I am
> not going to do it.
> 
> No it does not make LKM based LSMs difficult to use. I am not ready to
> have that debate again.  I suggested multiple extensions in my replies
> which you chose to ignore.

You said

  I think this needs to be discussed if and when we allow LKM based LSMs."

as a response to

  It is Casey's commitment that the LSM infrastructure will not forbid LKM-based LSMs.
  We will start allowing LKM-based LSMs. But it is not clear how we can make it possible to
  allow LKM-based LSMs.

, and you suggested combination of static calls (for built-in LSMs) and
linked list (for LKM-based LSMs).

So, what is your answer to

  Until I hear the real limitations of using BPF, it's a NAK from me.

? Do you agree to allow dynamically appendable LSM modules?



More information about the Linux-security-module-archive mailing list