[PATCH] lsm: drop LSM_ID_IMA
Roberto Sassu
roberto.sassu at huaweicloud.com
Mon Oct 23 16:11:03 UTC 2023
On 10/23/2023 5:48 PM, Casey Schaufler wrote:
> On 10/23/2023 8:20 AM, Roberto Sassu wrote:
>> On 10/20/2023 11:56 PM, Casey Schaufler wrote:
>>> On 10/19/2023 1:08 AM, Roberto Sassu wrote:
>>>> On Wed, 2023-10-18 at 17:50 -0400, Paul Moore wrote:
>>>>> When IMA becomes a proper LSM we will reintroduce an appropriate
>>>>> LSM ID, but drop it from the userspace API for now in an effort
>>>>> to put an end to debates around the naming of the LSM ID macro.
>>>>>
>>>>> Signed-off-by: Paul Moore <paul at paul-moore.com>
>>>> Reviewed-by: Roberto Sassu <roberto.sassu at huawei.com>
>>>>
>>>> This makes sense according to the new goal of making 'ima' and 'evm'
>>>> standalone LSMs.
>>>>
>>>> Otherwise, if we took existing LSMs, we should have defined
>>>> LSM_ID_INTEGRITY, associated to DEFINE_LSM(integrity).
>>>>
>>>> If we proceed with the new direction, I will add the new LSM IDs as
>>>> soon as IMA and EVM become LSMs.
>>>
>>> This seems right to me. Thank You.
>>
>> Perfect! Is it fine to assign an LSM ID to 'ima' and 'evm' and keep
>> the 'integrity' LSM to reserve space in the security blob without LSM
>> ID (as long as it does not register any hook)?
>
> That will work, although it makes me wonder if all the data in the 'integrity' blob
> is used by both IMA and EVM. If these are going to be separate LSMs they should probably
> have their own security blobs. If there is data in common then an 'integrity' blob can
> still make sense.
Yes, at the moment there is data in common, and we would need to check
case by case. It would be good to do this after moving IMA and EVM to the
LSM infrastructure.
Roberto
>> Thanks
>>
>> Roberto
>>
>>>> Roberto
>>>>
>>>>> ---
>>>>> include/uapi/linux/lsm.h | 15 +++++++--------
>>>>> 1 file changed, 7 insertions(+), 8 deletions(-)
>>>>>
>>>>> diff --git a/include/uapi/linux/lsm.h b/include/uapi/linux/lsm.h
>>>>> index eeda59a77c02..f0386880a78e 100644
>>>>> --- a/include/uapi/linux/lsm.h
>>>>> +++ b/include/uapi/linux/lsm.h
>>>>> @@ -54,14 +54,13 @@ struct lsm_ctx {
>>>>> #define LSM_ID_SELINUX 101
>>>>> #define LSM_ID_SMACK 102
>>>>> #define LSM_ID_TOMOYO 103
>>>>> -#define LSM_ID_IMA 104
>>>>> -#define LSM_ID_APPARMOR 105
>>>>> -#define LSM_ID_YAMA 106
>>>>> -#define LSM_ID_LOADPIN 107
>>>>> -#define LSM_ID_SAFESETID 108
>>>>> -#define LSM_ID_LOCKDOWN 109
>>>>> -#define LSM_ID_BPF 110
>>>>> -#define LSM_ID_LANDLOCK 111
>>>>> +#define LSM_ID_APPARMOR 104
>>>>> +#define LSM_ID_YAMA 105
>>>>> +#define LSM_ID_LOADPIN 106
>>>>> +#define LSM_ID_SAFESETID 107
>>>>> +#define LSM_ID_LOCKDOWN 108
>>>>> +#define LSM_ID_BPF 109
>>>>> +#define LSM_ID_LANDLOCK 110
>>>>> /*
>>>>> * LSM_ATTR_XXX definitions identify different LSM attributes
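Review bot: Renumbering LSM_ID_APPARMOR through LSM_ID_LANDLOCK (105-111 becoming 104-110) changes the values of identifiers in a uapi header, include/uapi/linux/lsm.h, so this is only safe if none of these constants has shipped in a released kernel yet; the commit message should say explicitly that the LSM ID numbering is not yet frozen ABI. If that is not the case, the alternative that avoids changing the meaning of existing values is to drop only the LSM_ID_IMA line and leave 104 as an unassigned hole (with a comment such as "/* 104 reserved */") rather than shifting every later ID down by one.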
>>
More information about the Linux-security-module-archive
mailing list