On Thu, Nov 4, 2021 at 1:35 PM Casey Schaufler <casey(a)schaufler-ca.com> wrote:
After the last round of comments on the LSM stacking patches
Dmitry Mastykin <dmastykin(a)astralinux.ru> pointed out a
conundrum with reuse of the security_audit_rule functions
in integrity rule processing. The audit system wants to
match rules for any security module that as one. The
integrity system wants to match rules for a single, explicitly
defined LSM. The two sub-systems use common code in security.c
which needs to be changed to support multiple LSMs, but needs
to be changed differently for each of these cases. While it
would be possible to create frankensteinish versions of the
security_audit_rule functions that would handle both cases
it seems that creating "real" versions of the ima_filter_rule
functions would be considerably cleaner and easier to maintain
going forward.
I'm suggesting this now, while I'm still working on the patches,
in case there's a solid reason that frankencode is absolutely
everybody's favored approach. I plan to propose the disassociation
as a patch separate from and in advance of the stacking series.
I'm not 100% clear on what you are talking about, but since you are
currently working on the next revision to the LSM stacking patchset
perhaps it's best to just wait and see what the code looks like.
--
paul moore
www.paul-moore.com