On Wed, 8 Jan 2020, Stephen Smalley wrote: > This appears to impose a very different standard to this eBPF-based LSM than > has been applied to the existing LSMs, e.g. we are required to preserve > SELinux policy compatibility all the way back to Linux 2.6.0 such that new > kernel with old policy does not break userspace. If that standard isn't being > applied to the eBPF-based LSM, it seems to inhibit its use in major Linux > distros, since otherwise users will in fact start experiencing breakage on the > first such incompatible change. Not arguing for or against, just trying to > make sure I understand correctly... A different standard would be applied here vs. a standard LSM like SELinux, which are retrofitted access control systems. I see KRSI as being more of a debugging / analytical API, rather than an access control system. You could of course build such a system with KRSI but it would need to provide a layer of abstraction for general purpose users. So yes this would be a special case, as its real value is in being a special case, i.e. dynamic security telemetry. -- James Morris <jmorris@xxxxxxxxx>
