v2: SELinux access policy corrected.
Use real_cred instead of cred.
This patchset provide a mechanism by which a security module
can advise the system about potential side-channel vulnerabilities.
If security_safe_sidechannel() returns 0 the security modules do
not know of any data that would
From: Casey Schaufler
When switching between tasks it may be necessary
to set an indirect branch prediction barrier if the
tasks are potentially vulnerable to side-channel
attacks. This adds a call to security_task_safe_sidechannel
so that security modules can weigh in on the decision.
Signed-of
From: Casey Schaufler
The sidechannel LSM checks for cases where a side-channel
attack may be dangerous based on security attributes of tasks.
This includes:
Effective UID of the tasks is different
Capablity sets are different
Tasks are in different namespaces
An option is
SELinux considers tasks to be side-channel safe if they
have PROCESS_SHARE access.
Signed-off-by: Casey Schaufler
---
security/selinux/hooks.c | 9 +
1 file changed, 9 insertions(+)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index a8bf324130f5..7fbd7d7ac1cb 100644
Smack considers its private task data safe if the current task
has read access to the passed task.
Signed-off-by: Casey Schaufler
---
security/smack/smack_lsm.c | 18 ++
1 file changed, 18 insertions(+)
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 9
From: Casey Schaufler
There may be cases where the data maintained for
security controls is more sensitive than general
process information and that may be subjected to
side-channel attacks. An LSM hook is provided so
that this can be check for where the system would
take action should the curren
On Sat, Aug 18, 2018 at 12:17 AM Casey Schaufler
wrote:
>
> From: Casey Schaufler
>
> The sidechannel LSM checks for cases where a side-channel
> attack may be dangerous based on security attributes of tasks.
> This includes:
> Effective UID of the tasks is different
> Capablity s
On Sat, Aug 18, 2018 at 12:17 AM Casey Schaufler
wrote:
>
> From: Casey Schaufler
>
> When switching between tasks it may be necessary
> to set an indirect branch prediction barrier if the
> tasks are potentially vulnerable to side-channel
> attacks. This adds a call to security_task_safe_sidecha
Hi,
My POC uses fscreate() to modify the current SELinux context of the running
process, it then creates a new node via mknod(), (), which is then going to
assign the current SLEinux context over to that object.
In the call path I am seeing security_sid_to_context_core().
I see a code path whe
On 08/20/2018 02:29 AM, Sachin Grover wrote:
Hi,
My POC uses fscreate() to modify the current SELinux context of the
running process, it then creates a new node via mknod(), (), which is
then going to assign the current SLEinux context over to that object.
In the call path I am seeing securi
> -Original Message-
> From: Jann Horn [mailto:ja...@google.com]
> Sent: Friday, August 17, 2018 4:55 PM
> To: Schaufler, Casey
> Cc: Kernel Hardening ; kernel list
> ; linux-security-module mod...@vger.kernel.org>; selinux@tycho.nsa.gov; Hansen, Dave
> ; Dock, Deneen T ;
> kris...@linux.
> -Original Message-
> From: Jann Horn [mailto:ja...@google.com]
> Sent: Friday, August 17, 2018 4:53 PM
> To: Schaufler, Casey
> Cc: Kernel Hardening ; kernel list
> ; linux-security-module mod...@vger.kernel.org>; selinux@tycho.nsa.gov; Hansen, Dave
> ; Dock, Deneen T ;
> kris...@linux.
On 08/17/2018 06:16 PM, Casey Schaufler wrote:
SELinux considers tasks to be side-channel safe if they
have PROCESS_SHARE access.
Now the description and the code no longer match.
Signed-off-by: Casey Schaufler
---
security/selinux/hooks.c | 9 +
1 file changed, 9 insertions(+)
> -Original Message-
> From: Stephen Smalley [mailto:s...@tycho.nsa.gov]
> Sent: Monday, August 20, 2018 9:03 AM
> To: Schaufler, Casey ; kernel-
> harden...@lists.openwall.com; linux-ker...@vger.kernel.org; linux-security-
> mod...@vger.kernel.org; selinux@tycho.nsa.gov; Hansen, Dave
> ; D
On 08/20/2018 12:59 PM, Schaufler, Casey wrote:
-Original Message-
From: Stephen Smalley [mailto:s...@tycho.nsa.gov]
Sent: Monday, August 20, 2018 9:03 AM
To: Schaufler, Casey ; kernel-
harden...@lists.openwall.com; linux-ker...@vger.kernel.org; linux-security-
mod...@vger.kernel.org; sel
On 08/20/2018 10:02 AM, Stephen Smalley wrote:
On 08/20/2018 02:29 AM, Sachin Grover wrote:
Hi,
My POC uses fscreate() to modify the current SELinux context of the
running process, it then creates a new node via mknod(), (), which is
then going to assign the current SLEinux context over to th
> -Original Message-
> From: Stephen Smalley [mailto:s...@tycho.nsa.gov]
> Sent: Monday, August 20, 2018 10:44 AM
> To: Schaufler, Casey ; kernel-
> harden...@lists.openwall.com; linux-ker...@vger.kernel.org; linux-security-
> mod...@vger.kernel.org; selinux@tycho.nsa.gov; Hansen, Dave
> ;
Ack on these as well
On Sun, Aug 19, 2018 at 11:49 AM, Nicolas Iooss
wrote:
> Python does not need to end a statement with a semicolon. Doing this
> gets reported by linters such as flake8 ("E703 statement ends with a
> semicolon").
>
> Remove such semicolons in the code and enable this warning
18 matches
Mail list logo
