Re: [RFC PATCH v3 00/13] Clavis LSM

2025-03-21 Thread Paul Moore
On March 21, 2025 6:56:53 PM Eric Snowberg wrote: On Mar 21, 2025, at 4:13 PM, Paul Moore wrote: On Fri, Mar 21, 2025 at 5:21 PM Eric Snowberg wrote: On Mar 21, 2025, at 12:57 PM, Paul Moore wrote: ... , but I will note that I don't recall you offering to step up and maintain Lockdown any

Re: [RFC PATCH v3 00/13] Clavis LSM

2025-03-21 Thread Eric Snowberg
> On Mar 21, 2025, at 4:13 PM, Paul Moore wrote: > > On Fri, Mar 21, 2025 at 5:21 PM Eric Snowberg > wrote: >>> On Mar 21, 2025, at 12:57 PM, Paul Moore wrote: >> ... >>> , but I will note that I don't recall you offering to step >>> up and maintain Lockdown anywhere in this thread. >> >> I

Re: [RFC PATCH security-next 1/4] security: Hornet LSM

2025-03-21 Thread sergeh
On Fri, Mar 21, 2025 at 09:45:03AM -0700, Blaise Boscaccy wrote: > This adds the Hornet Linux Security Module which provides signature > verification of eBPF programs. > > Hornet uses a similar signature verification scheme similar to that of used 'similar' twice > kernel modules. A pkcs#7 signa

Re: [RFC PATCH security-next 0/4] Introducing Hornet LSM

2025-03-21 Thread Paul Moore
On Fri, Mar 21, 2025 at 12:45 PM Blaise Boscaccy wrote: > > This patch series introduces the Hornet LSM. > > Hornet takes a simple approach to light-skeleton-based eBPF signature > verification. Signature data can be easily generated for the binary > data that is generated via bpftool gen -L. This

Re: [RFC PATCH v3 00/13] Clavis LSM

2025-03-21 Thread Eric Snowberg
> On Mar 21, 2025, at 12:57 PM, Paul Moore wrote: ... > , but I will note that I don't recall you offering to step > up and maintain Lockdown anywhere in this thread. I didn't realize that trying to contribute a new LSM and being willing to be the maintainer of it also involved stepping up t

Re: [RFC PATCH v3 00/13] Clavis LSM

2025-03-21 Thread James Bottomley
On Fri, 2025-03-21 at 20:15 +, Eric Snowberg wrote: > > On Mar 21, 2025, at 10:55 AM, James Bottomley > > wrote: [...] > > >   Hopefully that is not the case, since the public  key ships on > > > just about every single PC built. > > > > I don't understand why Microsoft no-longer owning the p

Re: [RFC PATCH v3 00/13] Clavis LSM

2025-03-21 Thread Eric Snowberg
> On Mar 21, 2025, at 10:55 AM, James Bottomley > wrote: > > On Fri, 2025-03-21 at 16:40 +, Eric Snowberg wrote: >>> On Mar 20, 2025, at 4:40 PM, James Bottomley >>> wrote: >>> >>> On Thu, 2025-03-20 at 16:24 +, Eric Snowberg wrote: Having lockdown enforcement has always been >

Re: [RFC PATCH v3 00/13] Clavis LSM

2025-03-21 Thread Eric Snowberg
> On Mar 20, 2025, at 3:36 PM, Paul Moore wrote: > > On Thu, Mar 20, 2025 at 12:29 PM Eric Snowberg > wrote: >>> On Mar 6, 2025, at 7:46 PM, Paul Moore wrote: >>> On March 6, 2025 5:29:36 PM Eric Snowberg wrote: > > ... > Does this mean Microsoft will begin signing shims in the futur

Re: [RFC PATCH v3 00/13] Clavis LSM

2025-03-21 Thread James Bottomley
On Fri, 2025-03-21 at 16:40 +, Eric Snowberg wrote: > > On Mar 20, 2025, at 4:40 PM, James Bottomley > > wrote: > > > > On Thu, 2025-03-20 at 16:24 +, Eric Snowberg wrote: > > > Having lockdown enforcement has always been > > > a requirement to get a shim signed by Microsoft. > > > > Th

Re: [RFC PATCH security-next 1/4] security: Hornet LSM

2025-03-21 Thread Jonathan Corbet
Blaise Boscaccy writes: > This adds the Hornet Linux Security Module which provides signature > verification of eBPF programs. > > Hornet uses a similar signature verification scheme similar to that of > kernel modules. A pkcs#7 signature is appended to the end of an > executable file. During an

Re: [RFC PATCH v3 00/13] Clavis LSM

2025-03-21 Thread Jarkko Sakkinen
On Thu, Mar 20, 2025 at 05:36:41PM -0400, Paul Moore wrote: > On Thu, Mar 20, 2025 at 12:29 PM Eric Snowberg > wrote: > > > On Mar 6, 2025, at 7:46 PM, Paul Moore wrote: > > > On March 6, 2025 5:29:36 PM Eric Snowberg > > > wrote: > > ... > > > >> Does this mean Microsoft will begin signing

Re: [RFC PATCH v3 00/13] Clavis LSM

2025-03-21 Thread Jarkko Sakkinen
On Thu, Mar 20, 2025 at 06:40:55PM -0400, James Bottomley wrote: > On Thu, 2025-03-20 at 16:24 +, Eric Snowberg wrote: > > Having lockdown enforcement has always been > > a requirement to get a shim signed by Microsoft. > > This is factually incorrect. Microsoft transferred shim signing to a

[RFC PATCH security-next 4/4] selftests/hornet: Add a selftest for the hornet LSM

2025-03-21 Thread Blaise Boscaccy
This selftest contains a simple testcase that utilizes an lskel loader. One version of the lskel is signed with the autogenerated module signing key, another is not. A test driver attempts to load the lskels. With hornet enabled, the signed version should successfully be loaded, and the unsig

[RFC PATCH security-next 3/4] hornet: Add an example lskel data extractor script

2025-03-21 Thread Blaise Boscaccy
This script eases lskel developments against hornet by generating the data payload used for code signing. It extracts the data out of the autogenerated lskel header that gets created via bpftool. Signed-off-by: Blaise Boscaccy --- scripts/hornet/extract-skel.sh | 29 +

[RFC PATCH security-next 1/4] security: Hornet LSM

2025-03-21 Thread Blaise Boscaccy
This adds the Hornet Linux Security Module which provides signature verification of eBPF programs. Hornet uses a signature verification scheme similar to that of kernel modules. A pkcs#7 signature is appended to the end of an executable file. During an invocation of bpf_prog_load, the sign

[RFC PATCH security-next 0/4] Introducing Hornet LSM

2025-03-21 Thread Blaise Boscaccy
This patch series introduces the Hornet LSM. Hornet takes a simple approach to light-skeleton-based eBPF signature verification. Signature data can be easily generated for the binary data that is generated via bpftool gen -L. This signature can be appended to a skeleton executable via scripts/sign

Re: [RFC PATCH v3 00/13] Clavis LSM

2025-03-21 Thread Eric Snowberg
> On Mar 20, 2025, at 4:40 PM, James Bottomley > wrote: > > On Thu, 2025-03-20 at 16:24 +, Eric Snowberg wrote: >> Having lockdown enforcement has always been >> a requirement to get a shim signed by Microsoft. > > This is factually incorrect. Microsoft transferred shim signing to an >