Re: [PATCH v1 0/2] Add LSM access controls for io_uring_setup

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Paul Moore <paul@xxxxxxxxxxxxxx>
Subject: Re: [PATCH v1 0/2] Add LSM access controls for io_uring_setup
From: Dmytro Maluka <dmy@xxxxxxxxxxxx>
Date: Thu, 10 Aug 2023 11:08:34 +0200
Cc: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>, Gil Cukierman <cukie@xxxxxxxxxx>, Jens Axboe <axboe@xxxxxxxxx>, Pavel Begunkov <asml.silence@xxxxxxxxx>, James Morris <jmorris@xxxxxxxxx>, "Serge E. Hallyn" <serge@xxxxxxxxxx>, Stephen Smalley <stephen.smalley.work@xxxxxxxxx>, Eric Paris <eparis@xxxxxxxxxxxxxx>, kernel-team@xxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, io-uring@xxxxxxxxxxxxxxx, linux-security-module@xxxxxxxxxxxxxxx, selinux@xxxxxxxxxxxxxxx, Joel Granados <j.granados@xxxxxxxxxxx>, Jeff Xu <jeffxu@xxxxxxxxxx>, Takaya Saeki <takayas@xxxxxxxxxxxx>, Tomasz Nowicki <tn@xxxxxxxxxxxx>, Matteo Rizzo <matteorizzo@xxxxxxxxxx>, Andres Freund <andres@xxxxxxxxxxx>
In-reply-to: <dc055b47-b868-7f5d-98bf-51e27df6b2d8@semihalf.com>
References: <20221107205754.2635439-1-cukie@google.com> <CAHC9VhTLBWkw2XzqdFx1LFVKDtaAL2pEfsmm+LEmS0OWM1mZgA@mail.gmail.com> <CABXk95ChjusTneWJgj5a58CZceZv0Ay-P-FwBcH2o4rO0g2Ggw@mail.gmail.com> <CAHC9VhRTWGuiMpJJiFrUpgsm7nQaNA-n1CYRMPS-24OLvzdA2A@mail.gmail.com> <54c8fd9c-0edd-7fea-fd7a-5618859b0827@semihalf.com> <CAHC9VhS9BXTUjcFy-URYhG=XSxBC+HsePbu01_xBGzM8sebCYQ@mail.gmail.com> <d2eaa3f8-cca6-2f51-ce98-30242c528b6f@semihalf.com> <CAHC9VhQDAM8X-MV9ONckc2NBWDZrsMteanDo9_NS4SirdQAx=w@mail.gmail.com> <dc055b47-b868-7f5d-98bf-51e27df6b2d8@semihalf.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.13.1

On 8/9/23 19:28, Dmytro Maluka wrote:
>   So one of the questions I'm wondering about is: if Android implemented
>   preventing execution of any io_uring code by non-trusted processes
>   (via seccomp or any other way), how much would it help to reduce the
>   risk of attacks, compared to its current SELinux based solution?

And why exactly I'm wondering about that: AFAICT, Android folks are
concerned about the high likelihood of vulnerabilities in io_uring code
just like we (ChromeOS folks) are, and that is the main reason why
Android takes care of restricting io_uring usage in the first place.

Follow-Ups:
- Re: [PATCH v1 0/2] Add LSM access controls for io_uring_setup
  - From: Stephen Smalley

References:
- [PATCH v1 0/2] Add LSM access controls for io_uring_setup
  - From: Gil Cukierman
- Re: [PATCH v1 0/2] Add LSM access controls for io_uring_setup
  - From: Paul Moore
- Re: [PATCH v1 0/2] Add LSM access controls for io_uring_setup
  - From: Jeffrey Vander Stoep
- Re: [PATCH v1 0/2] Add LSM access controls for io_uring_setup
  - From: Paul Moore
- Re: [PATCH v1 0/2] Add LSM access controls for io_uring_setup
  - From: Dmytro Maluka
- Re: [PATCH v1 0/2] Add LSM access controls for io_uring_setup
  - From: Paul Moore
- Re: [PATCH v1 0/2] Add LSM access controls for io_uring_setup
  - From: Dmytro Maluka
- Re: [PATCH v1 0/2] Add LSM access controls for io_uring_setup
  - From: Paul Moore
- Re: [PATCH v1 0/2] Add LSM access controls for io_uring_setup
  - From: Dmytro Maluka

Prev by Date: Re: [PATCH v3 6/7] selinux: avoid implicit conversions in policydb code
Next by Date: Re: [PATCH v9] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing
Previous by thread: Re: [PATCH v1 0/2] Add LSM access controls for io_uring_setup
Next by thread: Re: [PATCH v1 0/2] Add LSM access controls for io_uring_setup
Index(es):
- Date
- Thread

[Index of Archives] [Selinux Refpolicy] [Linux SGX] [Fedora Users] [Fedora Desktop] [Yosemite Photos] [Yosemite Camping] [Yosemite Campsites] [KDE Users] [Gnome Users]