Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 16 Feb 2017 15:02:51 -0500
From: Daniel Micay <danielmicay@...il.com>
To: Casey Schaufler <casey@...aufler-ca.com>, Tetsuo Handa
	 <penguin-kernel@...ove.SAKURA.ne.jp>, jmorris@...ei.org
Cc: linux-security-module@...r.kernel.org, selinux@...ho.nsa.gov, 
	kernel-hardening@...ts.openwall.com
Subject: Re: Re: [RFC v2 PATCH 1/2] security: introduce
 CONFIG_SECURITY_WRITABLE_HOOKS

> >  At least one antivirus software (which allows
> > anonymous download of LKM source code) is using LSM hooks since
> > Linux 2.6.32
> > instead of rewriting syscall tables. We are already allowing
> > multiple concurrent
> > LSM modules (up to one fully armored module which uses "struct
> > cred"->security
> > field or exclusive hooks like security_xfrm_state_pol_flow_match(),
> > plus
> > unlimited number of lightweight modules which do not use "struct
> > cred"->security
> > nor exclusive hooks) as long as they are built into the kernel.
> > There is no
> > reason to keep LKM based LSM modules from antivirus software or
> > alike away.
> 
> We're not to the point where in-kernel modules are stacking fully.
> Not everyone is on board for that, but hope springs eternal. Part
> of the design criteria I'm working under is that it shouldn't
> preclude loadable modules, and I still think that's doable. The
> patch James proposed is completely compatible with this philosophy.
> You can argue that it requires a loadable module configuration be
> less "hardened", but the opponents of loadable modules say that is
> inherent to loadable modules.

FWIW, the full infrastructure for read-only data from PaX includes a way
to make data temporary writable for a kernel thread. In PaX,
__ro_after_init was/is called __read_only and pax_open_kernel /
pax_close_kernel make it usable for rarely written data. That could
easily land before loadable LSMs.
Download attachment "signature.asc" of type "application/pgp-signature" (867 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.