| Message ID | 20180821000444.7004-1-casey.schaufler@intel.com (mailing list archive) |
|---|---|
| Headers | show
Return-Path: <kernel-hardening-return-13944-patchwork-kernel-hardening=patchwork.kernel.org@lists.openwall.com> Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 8D3EB17E0 for <patchwork-kernel-hardening@patchwork.kernel.org>; Tue, 21 Aug 2018 00:05:03 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 7E04D29D35 for <patchwork-kernel-hardening@patchwork.kernel.org>; Tue, 21 Aug 2018 00:05:03 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 7238C29D50; Tue, 21 Aug 2018 00:05:03 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.wl.linuxfoundation.org (Postfix) with SMTP id B7D8129D35 for <patchwork-kernel-hardening@patchwork.kernel.org>; Tue, 21 Aug 2018 00:05:01 +0000 (UTC) Received: (qmail 3912 invoked by uid 550); 21 Aug 2018 00:04:59 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: <mailto:kernel-hardening@lists.openwall.com> List-Help: <mailto:kernel-hardening-help@lists.openwall.com> List-Unsubscribe: <mailto:kernel-hardening-unsubscribe@lists.openwall.com> List-Subscribe: <mailto:kernel-hardening-subscribe@lists.openwall.com> List-ID: <kernel-hardening.lists.openwall.com> Delivered-To: mailing list kernel-hardening@lists.openwall.com Received: (qmail 3877 invoked from network); 21 Aug 2018 00:04:58 -0000 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.53,267,1531810800"; d="scan'208";a="250527745" From: Casey Schaufler <casey.schaufler@intel.com> To: kernel-hardening@lists.openwall.com, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@tycho.nsa.gov, casey.schaufler@intel.com, dave.hansen@intel.com, deneen.t.dock@intel.com, kristen@linux.intel.com, arjan@linux.intel.com Subject: [PATCH RFC v3 0/5] LSM: Add and use a hook for side-channel safety checks Date: Mon, 20 Aug 2018 17:04:39 -0700 Message-Id: <20180821000444.7004-1-casey.schaufler@intel.com> X-Mailer: git-send-email 2.17.0 X-Virus-Scanned: ClamAV using ClamSMTP |
| Series |
LSM: Add and use a hook for side-channel safety checks
|
expand
|
v3: get_task_cred wasn't a good choice due to refcounts. Use lower level protection instead v2: SELinux access policy corrected. Use real_cred instead of cred. This patchset provide a mechanism by which a security module can advise the system about potential side-channel vulnerabilities. If security_safe_sidechannel() returns 0 the security modules do not know of any data that would be subject to a side-channel attack. If the security module maintains data that it believes may be susceptible to a side-channel attack it will return -EACCES. Simple hooks are provided for SELinux and Smack. A new security module is provided to make determinations regarding traditional task attributes, including user IDs, capability sets and namespaces. Signed-off-by: Casey Schaufler <casey.schaufler@intel.com> --- MAINTAINERS | 6 ++ arch/x86/mm/tlb.c | 12 ++- include/linux/lsm_hooks.h | 12 +++ include/linux/security.h | 1 + security/Kconfig | 1 + security/Makefile | 2 + security/security.c | 6 ++ security/selinux/hooks.c | 9 +++ security/sidechannel/Kconfig | 60 ++++++++++++++ security/sidechannel/Makefile | 1 + security/sidechannel/sidechannel.c | 162 +++++++++++++++++++++++++++++++++++++ security/smack/smack_lsm.c | 18 +++++ 12 files changed, 286 insertions(+), 4 deletions(-)