On Tue, Jun 18, 2019 at 09:38:19AM -0400, Stephen Smalley wrote: > On 6/17/19 6:24 PM, Sean Christopherson wrote: > >My original plan was for my next RFC to be an implementation of Andy's > >proposed "dynamic tracking" model. I actually finished the tracking > >portion, but was completely flummoxed by the auditing[1]. Since Cedric's > >RFC is essentially a variation of the dynamic tracking model, it too has > >the same auditing complexities. End result, I ended back at the "make > >userspace state its intentions" approach. > > > >Except for patch 12 (see below), the SGX changes have been fully tested, > >including updating the kernel's selftest as well as my own fork of (an old > >version of) Intel's SDK to use the new UAPI. The LSM changes have been > >smoke tested, but I haven't actually configured AppArmor or SELinux to > >verify the permissions work as intended. > > Was dropping linux-security-module and selinux lists intentional for this > RFC? Not recommended. Yes, my thought was to keep the noise to the sgx list until we at least agree on a direction for the SGX UAPI. I am fully expecting that whatever LSM and SELinux patches we end up with will go through a lot more scrutiny when Jarkko sends them with his SGX series. Anyways, would you like me to resend the series to Cc the aforementioned lists? > Is the entire series aside from patch 12 available in a public tree > somewhere? I pushed tag 'sgx-lsm-v3' to https://github.com/sean-jc/linux.git. > Ultimately we'll want additions to the selinux-testsuite that exercise each > of the new permissions, both a permission denied scenario and a permission > allowed scenario.
