Re: [PATCH] kconfig: Add kernel config option for fuzz testing.

From: Matthew Garrett
Date: Thu Jan 02 2020 - 14:57:26 EST

Next message: Bjorn Andersson: "Re: [PATCH v3 7/9] arm64: dts: sdm845: thermal: Add critical interrupt support"
Previous message: Bjorn Andersson: "Re: [PATCH v3 6/9] drivers: thermal: tsens: Add watchdog support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Dec 17, 2019 at 12:53 AM Dmitry Vyukov <dvyukov@xxxxxxxxxx> wrote:
> +Matthew for a lockdown question
> We are considering [ab]using lockdown (you knew this will happen!) for
> fuzzing kernel. LOCKDOWN_DEBUGFS is a no-go for us and we may want a
> few other things that may be fuzzing-specific.
> The current inflexibility comes from the global ordering of levels:
>
> if (kernel_locked_down >= level)
> if (kernel_locked_down >= what) {
>
> Is it done for performance? Or for simplicity?

Simplicity. Based on discussion, we didn't want the lockdown LSM to
enable arbitrary combinations of lockdown primitives, both because
that would make it extremely difficult for userland developers and
because it would make it extremely easy for local admins to
accidentally configure policies that didn't achieve the desired
outcome. There's no inherent problem in adding new options, but really
right now they should fall into cases where they're protecting either
the integrity of the kernel or preventing leakage of confidential
information from the kernel.

Next message: Bjorn Andersson: "Re: [PATCH v3 7/9] arm64: dts: sdm845: thermal: Add critical interrupt support"
Previous message: Bjorn Andersson: "Re: [PATCH v3 6/9] drivers: thermal: tsens: Add watchdog support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]