| Message ID | 20180815235355.14908-5-casey.schaufler@intel.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show
Return-Path: <selinux-bounces@tycho.nsa.gov>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
[172.30.200.125])
by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id A73CA14BD
for <patchwork-selinux@patchwork.kernel.org>;
Thu, 16 Aug 2018 13:47:10 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 940352B277
for <patchwork-selinux@patchwork.kernel.org>;
Thu, 16 Aug 2018 13:47:10 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
id 87EE22B28A; Thu, 16 Aug 2018 13:47:10 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
pdx-wl-mail.web.codeaurora.org
X-Spam-Level:
X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI,
RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1
Received: from ucol19pa12.eemsg.mail.mil (ucol19pa12.eemsg.mail.mil
[214.24.24.85])
(using TLSv1 with cipher AES256-SHA (256/256 bits))
(No client certificate requested)
by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 4D1DF2B277
for <patchwork-selinux@patchwork.kernel.org>;
Thu, 16 Aug 2018 13:47:09 +0000 (UTC)
X-IronPort-AV: E=Sophos;i="5.53,247,1531785600";
d="scan'208";a="620466363"
Received: from emsm-gh1-uea11.ncsc.mil ([214.29.60.3])
by ucol19pa12.eemsg.mail.mil with ESMTP/TLS/AES256-SHA;
16 Aug 2018 13:47:07 +0000
X-IronPort-AV: E=Sophos;i="5.53,247,1531785600";
d="scan'208";a="17089157"
IronPort-PHdr:
9a23:HyEn+BxJ0ZfBfj/XCy+O+j09IxM/srCxBDY+r6Qd1uwQLPad9pjvdHbS+e9qxAeQG9mDtbQc06L/iOPJYSQ4+5GPsXQPItRndiQuroEopTEmG9OPEkbhLfTnPGQQFcVGU0J5rTngaRAGUMnxaEfPrXKs8DUcBgvwNRZvJuTyB4Xek9m72/q99pHPYghEniaxba9vJxiqsAvdsdUbj5F/Iagr0BvJpXVIe+VSxWx2IF+Yggjx6MSt8pN96ipco/0u+dJOXqX8ZKQ4UKdXDC86PGAv5c3krgfMQA2S7XYBSGoWkx5IAw/Y7BHmW5r6ryX3uvZh1CScIMb5Q6o0WTC/5Kl1ThHmhjoMOzog/G3KlsB8iaRWqw+jqRNi2Y7ZeIGbOuRwcK3eet0VR2RBUNtJVyFDH4+xYYQAAPYOM+lGtInwvEcOoBmkCAWwHu7j1iFEi3nr1qM6yeQhFgTG0RQ+Et0Uq3TbstX0P7oPX++pzKnH1yjDb/1S2Tjj8ojDbxcsru2WUrJrb8XQyVMjFxjZgVWQs4PlIj2V1uATvGiB9OdgVOSvi3I5pAF1uDSg2sAsiozQi48T11vK9j15zZ4oKdC3R0N3e96pHIZKuy2EOIZ6XNkuT3xwtConzrALuoS3cDUIxZkn3RLSb/iKf5KG7x/jUuuaPC12i2h/eL2lgha/6U2gyurhWcaqyFtKtS9FksXUtnAKyhzT9tCLSvtj8Uel3jaCzxzT5fteIUA1iKrbMIQtwr82lpodtkTDBTH5l1nsgK+KdkQr5uio6+P9brXgupCcLJN7hhv7MqQvnsyzGeU4Mg4QUGiH4emwybLu8ELjTLhKk/E6iLfVvZ/EKcgBu6K1GwpV3Zwi6xa7ATemytMYnXwfIVJeZh2Hi4npO1fTIPH3FPuwmFOskCptx//aILLhGY7ALmTDkbj9fbZ97FRQyAwozd9F/Z5UBbYBIOzrVk/rqNPYFgM5MxCzw+v/CtV90YUeVniTAq+ZKqzSt0SF5uAoI+mKYY8aoi39K+Q76P70ln81g1gdfbOm3ZEPcnC3AuxmI1mFYXrrmtoBE2UKsRAiQ+zpk12CVjhTZ3esX68n6DE7DJ+mDIjYSYCwhryBwDq7EodRZmBcBVCGCW3oeJmcW/cQdCKSJddskzIFVbilTo8uywuuuRT0y7V5M+XU/TcYuoj71Nhv4O3Tlw89+iBoD8iH1GGNVW50lHsSRzAqxKB/vVB9ylCb3Kdln/NYENtT5/VVUgsnLpPc0fJ1C8rzWgPAedeJTkyqQtO4DjEtVtgx2cMBY15hG9W+iRDOxzelA6MPmLyRH5E77qXc333tKMln0HbGyLMtj184TctTLWemnLJw9xDPB47VlEWUj7ildbwG0y7X9WeD1nGDvFlCXw5qUKXFRmgfZk/Motvl+EzOVbiuCa4oMgFZ086NNrNKasH1jVVBXPrjO87RY2G2m2etHhuIxamDbInte2UAxindD1IEkw8L93acKQc+Hjuho37ZDDF2D13gflns8ehgp3OhVUI71R2Fb0h727qy4B4ViuSWS+kP0bIcpCchtzJ0EU6n393LFtWNvAVhfKBTYN8n5ldIy37ZvRRnPpO8N6BimkIecwNvskP12RV3EIJAkdM2rH4x1wpyL6WY0V1EdzyC25D8ILvXJXfu/Bq3ca7Zxkne0MqK+qcI8Pk5pU/svAW1FkU86XVnyMJY02WC6ZXQFwUSTJfxXlww9xhgqLHQejM96J/M1X1wLam0tSfP29QoBOshzhavYcxfPbieGwDsCc0aANKiKOswm1imdhgEJvxd9LYoP8O6cPuLwLCrPOd8kzK6imRH+ppx3V6M9yp7TO7I0I0Iw/WZ3guBTTj8llChvtrwmYBeajEYBnC/xjT8BI5Neq1yep4GCWOvI82s2tVynoXtVGBc9F6iAVMGxcCodAGJb1zl3A1Q00UXrmC8mSeiyTx7jS0ppLKF3CPS2+TiaAYHOmlTSWl4ilfsJYy0gM4AXEe0aAgomgCo5V3nx6dHv6RzNW7TQV1HfyLuNWFtTrOwtqaeY85I8J4osjtYUOKnYV2BSb7yvR0a0zjlH2RA2DA3bTaquo/2nxZikmKSMG5zrGbFecF33Rrf/MbTReNV3jUYXCl3kz/XBkSiMNmz5tiUiozDvf6kV2K6TJFTai7rzZ6atCSn+2JqDxq/n+q8mtL5CwQ61zH018VyXyXSsBn8epXr17i9Me9/YEloAkLz5tFkGoF4j4QwhIsc2X4EiZWJ5XAHi3v8Mc1H2aLia3oAXSYLzMTI4Ajhw0BsMnOJx575V3mEzMtufd+6bnkR2iIn4MBAEL2U46BcnStpvlq4qhrcYfZnkTcb1fsu73sajvoHuAUz0yqdBaoSElNAPSz2kBSI7c6xo7lLZGq1driwzkV+l8i7DL6eugFcRGr5epA6EC919Mp/NFbM32Pv6oH4Ytbfd8kethuKnBfclOhaNIg+luIUiiZ9P2Lyo2ElwfYhjRNyxZG6oJSHK2J18aK3GB5XKCD6Z9gJ9THrkaZemd2W0pu1EZp9HzUHRpzoTeinEDgKr/ToKx6OECEgqnecAbffBRGQ51x4oHLJEpCrK3aXKWIYzdp8WhaSOlZTgAcOXDU1hpQ5DBylxNT9cEdl4TAc/kX3pQBLxuJsNhn/SXvfpByyZjcvVpeQMABa7hpc6EfRMMye6P9zHi5D85K9rA2NMHGbZx9SAWAHQEOEG0vjPr6o5dXa9OiYHOW+JePUYbqSsexeS+uIxZW334R9/jaMOcKPPn95AvImxEVMRnF5FN7fmzkVTCwXjS3NZdaBpBig4i13sty/8PPzVQ316ouAEaVSPst09hCxmaeMKeiQhCNjJjZZ0pMD3njIybcF0F4VkSFueCGnEa4cui7VUKLQhqhXAgYHayN0MctE9bg83g5MOMHFjNP6zaR4jvkrBFdGTlHuhsapZckWLG6nL1PHGFyHNLKYKj3X28v3e7+zSaVMjOVIsB29oTSbE0/jPzSbkDnpUxGvMf1SgyyAORxeuZ29cgxzBmT5S9LmcBK7OsdtjTIq2b00mm/KNWkEPDh/c0JNqqOf4DhdgvV4FWxB4GRqLfWYmyaZ6OnYL4gZveFtAitqi+JQ+G46xKdN7CFYWPx1nzPfrthwrF68lumC0TlnUB1VqjZXno2Lu15iOabY9pVaX3bL4g4N532KCxsWv9tlFsHvu6dIx9jViq3zMylN/MjO/cQAB8jZM9mIMHs7MRX0Hz7UAhMFTSS1OmDfnUBdlu+d9mGNpJggtpfsgIYOSqNcVFEtC/waDUJlHNofL5hpWjMkkKWWg9QW6nqkqxndXsJavorIVviKG/XgNC6ZjaVYZxsP2b73MJ4cNpP620N/cVl3h57FG1DKXdBKrCxhdRE7r1lQ8HhkT20zx0LkZhmr4HANCf6+hgQ2hRdmYeQx6Dfs5E86Jl7NpCsqjkYxn9TkgTeKfT7+KqewQJtaCy3ut0g+Kpn7WRp6bRWunUx4MzfJX6lRgKVkdWBqjg/cpJROFOVAQq1DZR8f2euYZ+400VhGrCWo21NH7/PfCZR+jAsqbYKsr3VY1gJ/bd41IKvQJLZJzllQna+Boy6o1+ArzwAFPUoN9n2deDIQskwSKrYmPzao/vBr6QGagTRDfGkMWOY0rf1y80M8O+KAzyXm07FZMU2+LO2fILmfu2TZm86IX0k81kUWmElZ5bJ2y9ssc1KIV0Azy7ucDw8GOtTEKQxOdcVd6WbTcjiUseXW2511JYW8GvrvTe+Uu6YemlikExoxH4QQ8sQBGYGh0E7FLcfmKL4FzQsi5AHwKVqYEvtGYxOLny0Bo82ly593x4ZdLCkHAWphKSW3+qrXpggyjfqZWtc2Y2sVXosDNnIyQ820gzdXsWlaAjSr1ewU0xSN7zj5pivMFjb8dMZjaO2SZRxyFNG84S8//LSuiV7L7pXeIHn3Nc54td/V7uMVvI2KC+9OTbZnrUfThY1YR32sU27AFd61Jpfwa4kwbdz6EHm6SFm/hygzT8jvINanNrKIjh3wRYZIrImb2yguNMGnGj4CGxdwpuQD5KNmag0AeJc7YADnuBogOKClJweYyNquSX63KTRKV/lf0fm6Z7tPwiopdOC60nggQY8mz+m2904NS4oHjx/Eyvale4ZeVS/zGmFAdAXUvyY5kXZuNvoqyOcl3BzIqUUcMyyMdOFxcmNEpcw8BVWILXV1EWc4Rl6cjYvf4gG3xbwS+TVSn8pM2+1frHf+poPfYC6rWKGzqJXVtTYgYsYio6JvNIzsPNeGtInenzHES5nQqhOKUCi/F/VAm9hQJDlXQP5HmG0/PswGo4VB41IrVsgiP7xPFLUspreyZDp4Ci4SyDQUV5+c0DwHmeiwwb3amQmMcJ46KhwLrI1CgscBUy5xei4epqijWJvNmmCZVGcLOxkc7R5Q5A0ei4B8ZObl75TUTJVU0T5Zv+p0UjfXFplv71b7RHuWjkL+SPq9kuypxhlfzPf00tkaQRJ/EkZcx/1MmksvMrF3JLEavpTWvT+QaUP6oGXtxfO6JFZM1MLUdkf3DI7euGXgVS0c/GEbSpVUyHHDD5gSlRR2aLozrlVWPI+mYlr+5yAjx4lxB7m4TtyryEw4onYaXCqqCN1BC/x8sF3LRjJlZYyrqI//NJVWWGNQ/4edq1hBmkV3LyG50YZcK91K4jMURzdPrymSsMewRcFe18J7FIMDItB6u3jhAqxEI4SRr2cwurPx1n/T4yo8v0uixDWvB6+4SPpU/3cAFQo0J2SRsFUvAvAo8mfV7FDCrE548PtcBreSk0p9ujB9EY5SBjxRz3CqM0xzTGVas+VdMKnVb9ZcTOcsahCyIBE+CPom31CT/U5ug3f5Yitytg9E9CDBRQU0UjMVgrj1kz0Ets6nISMaS45PbTg5bSfKMRibmSdMvBZbcU5qRYsUAtNY+7EfwYtU/9bNSUe2JiEDRxxuLAU40eBQlURbqkWXZTjdDRa0dfbIqhB3f92erMinLPTj+wdIl53ovfsk96oZQX2mggqtTcrYr4Diqt2ArlGOe7vgM+2gfX/BSyDBjRa0hbo/DpnK+S3TPBBaK5l8x3oke4LuCXXXPRRcOqIUO1ZbVb1gadpYuOxaYNVkeKkR8693Gh2HXg/vGJCorPReKFbTRCjRLyKF8uOluoLf973dSe/nZsyX3HbKWKd3M5h16DXhHLfqy4Be8FLs2vhx7kN6VUTGMyeZodv9PAwL4NetdlD+vpwpGjPbG4xwn2bsxk5eccoXXyyq/44CxJNf9nnwVfpy0lLvv+1K67lk9Y437qhtycevIKffKe9XsUF5DReJAQVq7I8iAHBlR2BWYO8eNuvefbgDgcDpseD3GLQd6AeJ9OxBddvHO0bBl9G9CjGdTBxJhwIBpiAaLwSCzf6Fmql0Scm/qej/xE0t/0C0LgQaw7B1+YeE5q2IqffWbxrQ17cLQLTlS9jorrsyp0Od++ErmKQJemxvbA2tCPIdWdIFxmf80aAqyjohHNjCH7L79v9MTXA5njP8m5BlBVoWB/cUEKGX8oRZg2g3hfbWNsAMcqBFgGaADwSoErgYyX6k8yGXOnVqggnS0xHsRmO+9Ef2ojVkQSTQz9finE1VVqO0BUtLRCqmJ0t4sDKJPAr1u9v6orw141sqMmP4tNKMmmyhOKlUH8HlJ9yTPzM0pFQJg501XNCv3pobGdWlKtcL7H5+dufe63+skyJZrKdImYze4t2S+vXQGnWglLOVq7GMxDBe13g5skoy6tS+OfHU59yFWe6k12APQCdjowHBRQK6qqTHr1AIPkyGyFvEmI4QMd5FxnQ3ykbm5OwnQNIy6gpeDJrAaO0eqjDzIjf0xkyfY90vXCmEzzRXBk71EUV/GKUk3WLwu8TJlWvf+1I2XYRwck3nigZxD4omNUIs5l8XwjAAEQgWcxybCq+nBVj9J4seSUcDcQiH3KS9eqov0k183qiv5PTKYeJhCKQDMPddjgiTnFlUAZ8WvqgeT6h6e1BD7qLXoRLiC4f/Vfj8iXUwLeG1Qtxd8c0BtXsi5Qa/Rxy65Zhf77YbjI2IebNFYJjNusB89ERn5T8UeyxTgRh/kQm2UeQBq+Di+NTbtoSn6vq2XqY3W+oX7wQ0B3h5j5bogVAjv8vY1+FHR43RlITw7QFNI3mRuIrA1Bl8M+UOIZqxfLl873UHOzQeJ3UWMNqUdfY87SFtMDHI6l1MGMwMY80XPNbXlQBSlELpRKlZ9tDHFV+AF4dza8co4nL4yDAx9ps9XPjv6DuyJZ3E9FFNOPVDjCRwm97Youga3+bSAjAN4XaFcxh13j+Cy56VBvb1/OWMy9LUV1QdEy40SYhdJz2C+Qq5SeqzjpnpVB2b6tPripIkaE2QXmCxnLgCsqtUCuFPlCP73iRFG4Dug/KVtMas6HdJtlJZDYl/9xrFGL9QPp9jIxT3itGrRlRgBiv4YMzUbh0uuO6MyecW7eR+ME/+ZYEALxIBzLL67mFVQRVyR77suVaZRvkRZNpgSPPLtHxV7phgK6AXNliHuJPqtitIqEwxAAIxZr8/sDhadkjWnAJLQKv1ub8Aig4ZUdFno09MHXy/NHg55zrdWqRflLORB+AN8jWPUqwOVF1lMy1mQxOv2ZVhZ6WmkOtCsmNHgiN9uuYl3yZhRBumti3mv7gN1i44+LGkqDUBvmRITuKakyjWElhD1PAKgr0HC3b+6FyzfGUDbJHs77Z5P8jg85cu42gnaxU5YyIGRfigCz33j66QBoyPsdRchAOCucnXab+zLDMSNqgmyR/4RnhyyA7enBFy/GsMWDWg48cuJJ+hNsY92iqoBW/beU4J4qxTrMTxtV8LTO0xaV563mVj086HSTMJRMzOHWY1kwclZX9DcJJZ5h8QD7MojSqQvqla4gEUZy/ZEoa/9YnTmsfHwmIwTcpsxmLKpq2FgY4q0HJlm9No9CKOvmodd/DAWc92HnfzzptfyfD5Z/i1sOAHTYxmyK67UP8DKcmu4m22149vWkC7x7QSBV25MPUMxr3DSSeqVXWYWfiXc2iLhzs5KUDy5Ry0IVA2a8pHtFE9PfXYhp5dlgzhVrV0Sj+WpVDF0Gxwed8dIgE7ooGqf0kKRfQdau6dI+cGxPwlFEBKaGfEGzR/D+vwulmo2MB/OnN98QD5bP7r/wTOLtSfAF8HHJTco5o3/ua1AiqFOHl93FhpMUJp7ebDBhE0seNBd5u5g9fdnZJ43PQDevMrNjcy/pYIl4Zi75SE+NubehHWiJDpLJfapebcS8b65m8JP21bSbEEehjd44QhIsV/A+SVGqFW+VwXDLM3Udo6PGf46a9wIRlbcwjNabDyic7v4qqHb4VZ4X/f6Ek9Kg/dvQEOzrq/Sgk/J5yngXj/JtYsAD5GpN5FCx16EY8JEMQF60KkGZ+PhKy9o9uw/V5q/e4Mraf0TPvN0ZDx1p9zVp5y4U2NISaXBa93j0AjheO30dna1ZykIsr5dMJMb+N7S3PLbrLcVtG0IymDK4TncE5P7rCY3ahRUxONaSS/VK2D4n73fM546Fk2n9QrNNHYyyYguvSCgNY=
X-IPAS-Result:
A2AMBACFf3Vb/wHyM5BcHQEBBQELAYUfEhYSjFeOQJUdFIFaFxgUiCM2FgECAQEBAQEBAgFsKII1JIJfAwMBAiQTFCAOAwkBAUAICAMBLRURBwcLBRgEgwGCAqoBM4N+AYZiinA/gRKCXYUAARIBhXcCjUIwjHsHAoF/jVELFYE6hySFUJMhgUgBMGFxTSNQgmmCJReNYVZPfYsZgjoBAQ
Received: from tarius.tycho.ncsc.mil (HELO tarius.infosec.tycho.ncsc.mil)
([144.51.242.1])
by emsm-gh1-uea11.NCSC.MIL with ESMTP; 16 Aug 2018 13:47:06 +0000
Received: from prometheus.infosec.tycho.ncsc.mil
(prometheus.infosec.tycho.ncsc.mil [192.168.25.40])
by tarius.infosec.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id
w7GDkuRK024145;
Thu, 16 Aug 2018 09:47:01 -0400
Received: from tarius.infosec.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil
[144.51.242.1])
by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id
w7FNsTJT004966 for <selinux@prometheus.infosec.tycho.ncsc.mil>;
Wed, 15 Aug 2018 19:54:29 -0400
Received: from goalie.tycho.ncsc.mil (goalie.infosec.tycho.ncsc.mil
[144.51.242.250])
by tarius.infosec.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id w7FNsShl004257
for <selinux@tycho.nsa.gov>; Wed, 15 Aug 2018 19:54:29 -0400
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result:
A1AbBQDsvHRbfSNjr8ZdHgEGDIUxFhKYLIMFlRuBeguEbAKDNCE2FgECAQEBAQEBAhQBARY6hWcDAydiUVcHEoMiggKsODODfgGGYIkUgVg/gRKCXYsJAo1yjHkHAoF/jVELFYE6hySFTpMhgUcBMIFTTSODOYIlF41hVh8wjkEBAQ
X-IPAS-Result:
A1AbBQDsvHRbfSNjr8ZdHgEGDIUxFhKYLIMFlRuBeguEbAKDNCE2FgECAQEBAQEBAhQBARY6hWcDAydiUVcHEoMiggKsODODfgGGYIkUgVg/gRKCXYsJAo1yjHkHAoF/jVELFYE6hySFTpMhgUcBMIFTTSODOYIlF41hVh8wjkEBAQ
X-IronPort-AV: E=Sophos;i="5.53,245,1531800000";
d="scan'208";a="347545"
Received: from emsm-gh1-uea11.corp.nsa.gov (HELO emsm-gh1-uea11.nsa.gov)
([10.208.41.37])
by goalie.tycho.ncsc.mil with ESMTP; 15 Aug 2018 19:54:22 -0400
IronPort-PHdr:
9a23:qrAv2xC2c1fPFZl4voOIUyQJP3N1i/DPJgcQr6AfoPdwSPXzr8bcNUDSrc9gkEXOFd2Cra4c1ayO6+jJYi8p2d65qncMcZhBBVcuqP49uEgeOvODElDxN/XwbiY3T4xoXV5h+GynYwAOQJ6tL1LdrWev4jEMBx7xKRR6JvjvGo7Vks+7y/2+94fcbglUhTexe69+IAmrpgjNq8cahpdvJLwswRXTuHtIfOpWxWJsJV2Nmhv3+9m98p1+/SlOovwt78FPX7n0cKQ+VrxYES8pM3sp683xtBnMVhWA630BWWgLiBVIAgzF7BbnXpfttybxq+Rw1DWGMcDwULs5Xymp4aV2Rx/ykCoJNyA3/nzZhMJzi6xUohyhqgdjz4LIeoyZKOBzcr/Bcd4cWGFPXtxRVytEAo6kcYYAFfEBMvhYroLgulUBsRu+ChOxBOPhzj9HmGX21rA93us9Cw7GxxIvHtIUvHTPsNr1NL0dUf27zKnM0zrDdehb2Tb76IjUbB8hpeuAUq53ccrU0EQiER7OgFaIqYH9Ij+Y0ucAv3KG4+diVe+jkWoqpgVrrjWhxsohjJTCiJgPxVDe7yp5xZ44Jd2mR05/Zt6pCJVQtySBN4tzTcMtWX1ktDokxrEfuJ60YDQFxI4pxx7acfCHco6I4g79W+aVOzt3mHVleLenixaz90iv1PH8W9Gp3FtOrSdJiMTAu3IN2hDJ7sWKTuFx80mh1DqX0gDc8OBEIUQ6larBLJ4hx6Y9mYYJvkTYACD3mF/6jLSKeUUk4Oeo9urnYrH4qZ+GLIJ0iwf+Mrgwlcy7G+g3Lg8OX22D9eSmyLLj5VH5QKlNjvAuianWrpTaJcUdpq6kDA5YyZoj6hajADem19QUh38HLElfdx6dgIjpPE/Oc7jECqK8jk6qnTMux/ncMrDnA5PCBnzCi6v6O7Fl5khDwQ43i9tY4tYcDrAHPeK2WULrstHcJgE2PhbywOv9Dth5kIQEVibHBq6fLbOXqlKD+/guP/jJYYgZpTLwA+Yq6uSojnIjn1IZO66z0t9fc328H/J7M22FcHHshZEHCm5MsQ0gCKTRrXSpcntfZm25QrknzjU6E569S9+aAIe3j/jJ1y6gE4wQfWtGA02CFXryX4SCR/oILimVJ4spnjUaWP6hQok62BeGtQnmxr4hJe3RvmUUuJTu2d4z+6vfkhox3T1yE8mZlWqKSiU8nXkJXCM72oh7oEpg2hGC17R1h7pTEtkXr/pTUA48HZrdyfFqTdH0Rg/FONyOTQWIWNKjVBo4Vd8gi+QFY09gFdGvlFiX1COxDq5TjLeLDYE69q/G93n3O8t5jX3B0f9y3BEdXsJTODj+1eZE/A/JCtuRng==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result:
A0H/BADsvHRbfSNjr8ZdHgEGDIUxFhKYLYMFlRuBeguEbAKDNSE2FgECAQEBAQEBAgEBAhABARY6L4I1IoJiAwMnYlFXBxKDIoICrDgzg34BhmCJFIFYP4ESgl2LCQKNcox5BwKBf41RCxWBOockhU6TIYFHATCBVE0jgzmCJReNYVYfMI5BAQE
X-IPAS-Result:
A0H/BADsvHRbfSNjr8ZdHgEGDIUxFhKYLYMFlRuBeguEbAKDNSE2FgECAQEBAQEBAgEBAhABARY6L4I1IoJiAwMnYlFXBxKDIoICrDgzg34BhmCJFIFYP4ESgl2LCQKNcox5BwKBf41RCxWBOockhU6TIYFHATCBVE0jgzmCJReNYVYfMI5BAQE
X-IronPort-AV: E=Sophos;i="5.53,245,1531785600";
d="scan'208";a="7618550"
X-IronPort-Outbreak-Status: No, level 0, Unknown - Unknown
Received: from fmsmga002-icc.fm.intel.com ([198.175.99.35])
by emsm-gh1-uea11.nsa.gov with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
15 Aug 2018 23:54:04 +0000
Received: from orsmga003.jf.intel.com ([10.7.209.27])
by fmsmga002-icc.fm.intel.com with ESMTP; 15 Aug 2018 16:53:59 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.53,245,1531810800"; d="scan'208";a="75694071"
Received: from cschaufl-mobl.amr.corp.intel.com ([10.252.130.105])
by orsmga003.jf.intel.com with ESMTP; 15 Aug 2018 16:53:58 -0700
From: Casey Schaufler <casey.schaufler@intel.com>
To: kernel-hardening@lists.openwall.com, linux-kernel@vger.kernel.org,
linux-security-module@vger.kernel.org, selinux@tycho.nsa.gov,
SMACK-discuss@lists.01.org, casey.schaufler@intel.com,
dave.hansen@intel.com, deneen.t.dock@intel.com,
kristen@linux.intel.com, arjan@linux.intel.com
Date: Wed, 15 Aug 2018 16:53:54 -0700
Message-Id: <20180815235355.14908-5-casey.schaufler@intel.com>
X-Mailer: git-send-email 2.17.0
In-Reply-To: <20180815235355.14908-1-casey.schaufler@intel.com>
References: <20180815235355.14908-1-casey.schaufler@intel.com>
X-Mailman-Approved-At: Thu, 16 Aug 2018 09:42:40 -0400
Subject: [PATCH RFC 4/5] Smack: Support determination of side-channel
vulnerability
X-BeenThere: selinux@tycho.nsa.gov
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: "Security-Enhanced Linux \(SELinux\) mailing list"
<selinux.tycho.nsa.gov>
List-Post: <mailto:selinux@tycho.nsa.gov>
List-Help: <mailto:selinux-request@tycho.nsa.gov?subject=help>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: selinux-bounces@tycho.nsa.gov
Sender: "Selinux" <selinux-bounces@tycho.nsa.gov>
X-Virus-Scanned: ClamAV using ClamSMTP
|
| Series |
LSM: Add and use a hook for side-channel safety checks
|
expand
|
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 91750205a5de..85dc053e610c 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -2299,6 +2299,23 @@ static void smack_task_to_inode(struct task_struct *p, struct inode *inode) isp->smk_inode = skp; } +/** + * smack_task_safe_sidechannel - Are the task and current sidechannel safe? + * @p: task to check on + * + * A crude value for sidechannel safety is that the current task is + * already allowed to read from the other. + * + * Returns 0 if the tasks are sidechannel safe, -EACCES otherwise. + */ +static int smack_task_safe_sidechannel(struct task_struct *p) +{ + struct smack_known *skp = smk_of_task_struct(p); + struct smack_known *ckp = smk_of_task_struct(current); + + return smk_access(ckp, skp, MAY_READ, NULL); +} + /* * Socket hooks. */ @@ -4718,6 +4735,7 @@ static struct security_hook_list smack_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(task_movememory, smack_task_movememory), LSM_HOOK_INIT(task_kill, smack_task_kill), LSM_HOOK_INIT(task_to_inode, smack_task_to_inode), + LSM_HOOK_INIT(task_safe_sidechannel, smack_task_safe_sidechannel), LSM_HOOK_INIT(ipc_permission, smack_ipc_permission), LSM_HOOK_INIT(ipc_getsecid, smack_ipc_getsecid),
Smack considers its private task data safe if the current task has read access to the passed task. Signed-off-by: Casey Schaufler <casey.schaufler@intel.com> --- security/smack/smack_lsm.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+)