On Thu, Jun 20, 2019 at 07:13:50AM +1000, James Morris wrote:
Good morning, I hope the week is going well for everyone.
> On Wed, 19 Jun 2019, Jarkko Sakkinen wrote:
>
> > Can LSM callbacks ever non-generic when it comes to hardware? This is
> > the very first time I ever see such callbacks being introduced.
> >
> > I suspect that from maintainers perspective, accepting such changes for
> > Intel hardware, could open a pandoras box.
> If there's a major distro/userbase committing to ship with these
> hooks enabled via a supported in-tree LSM, the case for inclusion is
> clear.
We've been waiting for this concern over SGX specific LSM
functionality to eventuate for the last month or so of this
discussion.
It would seem that mainstream acceptance of SGX specific LSM
modifications is complicated by the fact, as we noted in a previous
e-mail, that a 1400+ machine SAAS implementation we have experience
with will only ever be run with selinux=0.
Hence our concerns and continued comments regarding the need to strike
the proper balance between implementation complexity and the actual
effective security guarantees that are being achieved.
> If the hooks could be generalized beyond just SGX, that would be
> ideal, but it's not clear if that's feasible.
We have been working to develop some thoughts on this issue.
We will forward those thoughts along after I get somewhere different
from where I am right now.
> James Morris
Have a good day.
Dr. Greg
As always,
Dr. Greg Wettstein, Ph.D, Worker
IDfusion, LLC
4206 N. 19th Ave. Implementing measured information privacy
Fargo, ND 58102 and integrity architectures.
PH: 701-281-1686
FAX: 701-281-3949 EMAIL: gw@xxxxxxxxxxxx
------------------------------------------------------------------------------
"Can't they?
A 64bit number incremented every millisecond can grow for half a
billion years. As far as I'm concerned, that is forever."
-- Neil Brown
linux-raid
