Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 14 Feb 2017 09:23:45 +1100 (AEDT)
From: James Morris <jmorris@...ei.org>
To: Kees Cook <keescook@...omium.org>
cc: Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>,
        linux-security-module <linux-security-module@...r.kernel.org>,
        "kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>
Subject: Re: Re: [RFC PATCH 1/4] security: mark LSM hooks
 as __ro_after_init

On Mon, 13 Feb 2017, Kees Cook wrote:

> On Mon, Feb 13, 2017 at 2:33 AM, Tetsuo Handa
> <penguin-kernel@...ove.sakura.ne.jp> wrote:
> > James Morris wrote:
> >> As the regsitration of LSMs is performed during init and then does
> >> not change, we can mark all of the regsitration hooks as __ro_after_init.
> >>
> >> Signed-off-by: James Morris <james.l.morris@...cle.com>
> >
> > This patch makes LKM based LSMs (e.g. AKARI) impossible.
> > I'm not happy with this patch.
> 
> LKM based LSMs don't exist yet, and when they do, we may also have the
> "write rarely" infrastructure done, which LKM based LSMs can use to
> update the structures.

I think it would be a backwards step security-wise to allow dynamically 
loadable security modules.  The security risks of security code in the 
kernel should be aggressively minimized.


-- 
James Morris
<jmorris@...ei.org>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.