Re: [PATCH v1] LSM: Enable multiple calls to security_add_hooks() for the same LSM
From: MickaÃl SalaÃn
Date: Sun Apr 30 2017 - 05:37:38 EST
On 30/04/2017 04:11, Tetsuo Handa wrote:
> Casey Schaufler wrote:
>> On 4/29/2017 12:02 PM, Mickael Salaun wrote:
>>> Check if the registering LSM already registered hooks just before. This
>>> enable to split hook declarations into multiple files without
>>> registering multiple time the same LSM name, starting from commit
>>> d69dece5f5b6 ("LSM: Add /sys/kernel/security/lsm").
>>
>> What's special about the previous registration? Keep it
>> simple and check it the name is already anywhere on the
>> list and only add it if it's not already there. I don't
>> see advantage to:
>>
>> % cat /sys/kernel/security/lsm
>> capability,yama,spiffy,selinux,spiffy
>>
>> over
>> % cat /sys/kernel/security/lsm
>> capability,yama,spiffy,selinux
>>
That was my first though, but then I realized that I don't see any use
case where an LSM would register hooks interleaved with other LSM. I
find the current approach simpler because we only search from the end of
the string and we do not handle special cases (e.g. matching only a
sub-name). Moreover, this approach respects the semantic describe in
Documentation/security/LSM.txt: "The list reflects the order in which
checks are made".
>
> - if (lsm_append(lsm, &lsm_names) < 0)
> + if (lsm && lsm_append(lsm, &lsm_names) < 0)
>
> in security_add_hooks()?
>
That was considered
[https://lkml.kernel.org/r/CAGXu5jJCvJ6-uZ=Kfhh3xD7UvaY+G99e9NXFMzvi=9OQzA6Ecg@xxxxxxxxxxxxxx]
but Kees and Casey seem to prefer the current approach.
Attachment:
signature.asc
Description: OpenPGP digital signature