goals for today
play

Goals for Today Learning Objective: Discuss the ins and outs of MP4 - PowerPoint PPT Presentation

Sep 12, 2023 •565 likes •922 views

Goals for Today Learning Objective: Discuss the ins and outs of MP4 Announcements, etc: MP4 is out! Due May 6th (UTC-11) Final Exam MAY 9TH @ 7PM, SIEBEL 1404 Its fine to use electronics today CS 423: Operating

  1. Goals for Today • Learning Objective: • Discuss the in’s and out’s of MP4 • Announcements, etc: MP4 is out! Due May 6th (UTC-11) • Final Exam — MAY 9TH @ 7PM, SIEBEL 1404 • It’s fine to use electronics today CS 423: Operating Systems Design 1

  2. CS 423 
 Operating System Design: MP4 Walkthrough Mohammad Noureddine Spring 2018 CS 423: Operating Systems Design

  3. Preliminaries • Please do NOT revert to snapshots taken prior to the migration of the VMs • Take stable snapshots before starting this MP • Your security module will affect kernel boot • Work incrementally • Start with empty functions, add logic in small doses • Follow MP submission instructions carefully CS 423: Operating Systems Design 3

  4. Goals of this MP • Understand Linux Security Modules • Understand basic concepts behind Mandatory Access Control (MAC) • Understand and use filesystem extended attributes • Add custom kernel configuration parameters and boot parameters • Derive a least privilege policy for /usr/bin/ passwd CS 423: Operating Systems Design 4

  5. Linux Security Modules • Came out of a presentation that the NSA did in 2001 • Security Enhanced Linux (SELinux) • Kernel provided support for Discretionary Access Control • Did not provide framework for different security models w/o changes to core kernel code • Linux Security Modules (LSM) proposed as a solution • Not to be fooled by the term “module” • LSMs are NOT* loadable at runtime CS 423: Operating Systems Design 5

  6. Example LSMs • Some of the LSMs approved in the current kernel • AppArmor • SELinux • Smack • TOMOYO Linux • Yama • Must be configured at build-time and at boot time CS 423: Operating Systems Design 6

  7. How Do LSMs Work? • Hooks inserted throughout important functionalities of the kernel CS 423: Operating Systems Design 7

  8. Question • In which context does the LSM run? CS 423: Operating Systems Design 8

  9. Question • Q: In which context does the LSM run? • A: In the kernel context just before the kernel fulfills a request CS 423: Operating Systems Design 9

  10. Major and Minor LSM • Major LSM • Only one major LSM can run in the system • Examples: SELinux, Smack, etc. • Can access opaque security fields (blobs) • Data structures reserved only for the use of major LSMs • Minor LSM • Can be stacked • Does not have access to the security blobs • Examples: YAMA CS 423: Operating Systems Design 10

  11. Security Blobs? • Reserved fields in various kernel data structures • task_struct, inode, sk_buff, file, linux_binprm • Controlled by the major security module running • struct cred is the security context of a thread • task->cred->security is the tasks’s security blob • A task can only modify its own credentials • No need for locks in this case! • Need rcu read locks to access another tasks’s credentials CS 423: Operating Systems Design 11

  12. MAC • Q: What is Mandatory Access Control anyway? CS 423: Operating Systems Design 12

  13. MAC • Q: What is Mandatory Access Control anyway? • Access rights are based on regulations defined by a central authority • Strictly enforced by the kernel • Label objects by sensitivity • e.g., unclassified, confidential, secret, top secret • Label users (subjects) by, e.g., clearance • Grant access based on combination of subject and object labels CS 423: Operating Systems Design 13

  14. Labeling our System • We will developed a major security module • To keep things simple, we will focus on tasks that carry the label target • We will focus on only labeling inodes • We can use the security blobs • We will also use extended filesystem attributes • How do we label our tasks then? • We will use the inode label of the binary that is used to launch the process CS 423: Operating Systems Design 14

  15. FS Extended Attributes • Provides custom file attributes that are not interpreted by the file system • Convention: attributes under the prefix security will be used for interpretation by an LSM • We will be using security.mp4 • Set an attribute: • setfattr -n security.mp4 -v target target_binary • setfattr -n <prefix>.<suffix> -v <value> <file> • List attributes: • getfattr -d -m - <file> CS 423: Operating Systems Design 15

  16. MP4 Challenges • Label management • How to assign and maintain labels • How to transfer labels from inodes to tasks • Access control • Who gets to access what • Enforce MAC policy • Kernel configuration • Kconfig environment • Change boot parameters CS 423: Operating Systems Design 16

  17. Step 1: Compilation • Customize kernel configuration using the Kconfig environment • First add custom config option to security/mp4/ Kconfig CS 423: Operating Systems Design 17

  18. Step 1: Compilation • Now when you run make oldconfig , make will ask you whether to enable • CONFIG_SECURITY_MP4_LSM • You can also use it for static compiler macros in your code. e.g. #ifdef CONFIG_SECURITY_MP4_LSM void do_something(void) { printf(“MP4 active\n"); } #else void do_something(void) { } #endif CS 423: Operating Systems Design 18

  19. Step 1: Compilation • You can also use make menuconfig to see your config option visually • You might want to turn DEBUG_INFO off to speed up the generation of the .deb files CS 423: Operating Systems Design 19

  20. Step 1: Compilation • After the first compilation, you do not need to recompile the entire kernel again • Reminder: make clean removes all of the object files and will cause the entire kernel to be recompiled • For incremental builds, use: make -j<num_proc> • To produce .deb files again: • make bin deb-pkg LOCALVERSION=… CS 423: Operating Systems Design 20

  21. Step 1: Boot params • Next we want to enable the mp4 module as the major security module in our system • The kernel accepts the key-value pair security=<module> as part of its boot parameters • Update /etc/default/grub: GRUB_CMDLINE_LINUX_DEFAULT=“security=mp4” • Don’t forget to update grub! CS 423: Operating Systems Design 21

  22. Step 2: Implementation • We will implement our module in three steps: 1. Register the module and enable it as the only major security module (Provided to you at no cost in mp4.c) 2. Implement the labels initialization and management 3. Implement the mandatory access control logic • We provide you with helper functions in mp4_given.h • Use pr_info, pr_err, pr_debug, pr_warn macros • #define pr_fmt(fmt) "cs423_mp4: " fmt CS 423: Operating Systems Design 22

  23. Step 2.1: Startup • We provide you with the startup code to get your started • We will implement the following security hooks: static struct security_hook_list mp4_hooks[] = { LSM_HOOK_INIT(inode_init_security, mp4_inode_init_security), LSM_HOOK_INIT(inode_permission, mp4_inode_permission), LSM_HOOK_INIT(bprm_set_creds, mp4_bprm_set_creds), LSM_HOOK_INIT(cred_alloc_blank, mp4_cred_alloc_blank), LSM_HOOK_INIT(cred_free, mp4_cred_free), LSM_HOOK_INIT(cred_prepare, mp4_cred_prepare) }; CS 423: Operating Systems Design 23

  24. Step 2.2: Label Semantics CS 423: Operating Systems Design 24

  25. Step 2.2: Label Map if (strcmp(cred_ctx, "read-only") == 0) return MP4_READ_OBJ; else if (strcmp(cred_ctx, "read-write") == 0) return MP4_READ_WRITE; else if (strcmp(cred_ctx, "exec") == 0) return MP4_EXEC_OBJ; else if (strcmp(cred_ctx, "target") == 0) return MP4_TARGET_SID; else if (strcmp(cred_ctx, "dir") == 0) return MP4_READ_DIR; else if (strcmp(cred_ctx, "dir-write") == 0) return MP4_RW_DIR; else return MP4_NO_ACCESS; CS 423: Operating Systems Design 25

  26. Step 2.2: Label Mgmt • We are interested in three operations: 1. Allocate/free/copy subject security blobs 2. When a process starts, check the inode of the binary that launches it. • If it is labeled with target, mark task_struct as target • mp4_bprm_set_creds 3. Assign read-write label to inodes created by the target application • mp4_inode_init_security CS 423: Operating Systems Design 26

  27. Step 2.2: Attributes • How do we obtain an inode’s extended attributes? • Few hints: • Given an struct inode * , we can ask for its struct dentry * • You can query some kernel functions if there is something you need to know • This is important if you don’t know how much memory to allocate • Watch for the ERANGE errno • It is very important to put back a dentry after you use it • dput(dentry); CS 423: Operating Systems Design 27

  28. Step 2.3: Implement AC • Translate label semantics into code • mp4_inode_permission • Operation masks are in linux/fs.h • Obtain current task’s subject blob using current_cred() • To speed things up during boot, we want to skip certain directories • Obtain inode’s path (hint: use dentry!) • Call mp4_should_skip_path from mp4_given.h CS 423: Operating Systems Design 28

  29. Step 2.3: Implement AC Is program labeled with MAC Query target? Decision YES NO Is program allowed to Allow YES MAC Policy Is inode a directory? access the inode? access NO NO YES Is program allowed to YES access the inode? Deny access and Allow access log attempt! NO Deny access and log attempt! CS 423: Operating Systems Design 29

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

One-on-One Interviews Training for SPF SIG coalitions Goals for today After today, you will

One-on-One Interviews Training for SPF SIG coalitions Goals for today After today, you will

Wilder Research One-on-One Interviews Training for SPF SIG coalitions Goals for today After today, you will understand The purpose of the One-on-Ones The One-on-One process The tools The ways to protect the privacy of

363 views • 19 slides
Mission, Goals, Metrics: Where Is CSCU Today? CSCU Mission &amp; Goals History BOR adopted the

Mission, Goals, Metrics: Where Is CSCU Today? CSCU Mission &amp; Goals History BOR adopted the

Mission, Goals, Metrics: Where Is CSCU Today? CSCU Mission &amp; Goals History BOR adopted the mission and goals - June 2013 Mission &amp; goals development included a wide array of stakeholders In addition to the CSCU Mission , each

314 views • 15 slides
Goals for Today Learning Objective: Define a taxonomy for virtualization architectures

Goals for Today Learning Objective: Define a taxonomy for virtualization architectures

Goals for Today Learning Objective: Define a taxonomy for virtualization architectures Announcements, etc: Informal Early Feedback at end of class today Midterm debrief forthcoming on Friday MP2 extension: now due on

726 views • 21 slides
Goals for Today Learning Objective: Learn how to achieve reliability + availability in

Goals for Today Learning Objective: Learn how to achieve reliability + availability in

Goals for Today Learning Objective: Learn how to achieve reliability + availability in storage!! Announcements, etc: MP3 is out! Due April 18th . MP3 Walkthrough on Monday, slides up later today Reminder : Please put away devices

909 views • 47 slides
Welcome Dan McAllister, Treasurer Tax-Collector 2 Agenda Goals for today Escheatment

Welcome Dan McAllister, Treasurer Tax-Collector 2 Agenda Goals for today Escheatment

2015 Annual Countywide Escheatment Kick-off Meeting Welcome Dan McAllister, Treasurer Tax-Collector 2 Agenda Goals for today Escheatment Overview 2014 Recap Policy and Procedure Summary 2015 Timeline Q&amp;A 3 Goals

661 views • 17 slides
Goals for Today Learning Objective: Present final exam details + review content

Goals for Today Learning Objective: Present final exam details + review content

Goals for Today Learning Objective: Present final exam details + review content Announcements, etc: MP3 Soft Extension: Submit by TODAY for -10pts MP4 due May 7th Deadline provides more time than necessary; wanted to give you

648 views • 49 slides
Budget Recalibration Phase 2 Implementation Group Kickoff August 8, 2017 1 Agenda and Goals

Budget Recalibration Phase 2 Implementation Group Kickoff August 8, 2017 1 Agenda and Goals

Budget Recalibration Phase 2 Implementation Group Kickoff August 8, 2017 1 Agenda and Goals for Today 2 Agenda and Goals for today &gt; Big Picture: Launch of 3-year Phase-in of Modified RCM Budget Model &gt; Goals: Review Process to

502 views • 31 slides
Goals for Today Learning Objective: Learn about directory structures Run through some

Goals for Today Learning Objective: Learn about directory structures Run through some

Goals for Today Learning Objective: Learn about directory structures Run through some disk performance exercises Announcements, etc: C4: I removed 2 papers from your reading list No longer need to read Multics Security Eval

421 views • 27 slides
E Komo Mai We Will Be Talking About Your Marketing Goals and Tactics Today. As you get Settled,

E Komo Mai We Will Be Talking About Your Marketing Goals and Tactics Today. As you get Settled,

E Komo Mai We Will Be Talking About Your Marketing Goals and Tactics Today. As you get Settled, Please Take a Minute to Think about Examples You Can Share with the Group. Feel Free to Talk Amongst Yourselves... How to Write a Great Very

269 views • 13 slides
2/10/15 Today s goals Design Patterns What are Design Patterns? Announcements:

2/10/15 Today s goals Design Patterns What are Design Patterns? Announcements:

2/10/15 Today s goals Design Patterns What are Design Patterns? Announcements: Thank you for your Early Informal Feedback Composite, Visitor, HW3 Phase 2, peer reviews due this Thu at Template Method, Faade, 5pm

104 views • 8 slides
Goals for today Everything you wanted to know about C-strings (but were afraid to ask)

Goals for today Everything you wanted to know about C-strings (but were afraid to ask)

Goals for today Everything you wanted to know about C-strings (but were afraid to ask) Char/ascii String constants, string as abstraction (albeit a leaky one) C library functions &lt;string.h&gt; Under the hood: C-string as

331 views • 6 slides
OCLC Update So, what are our goals for today? Hear what OCLC is doing governance,

OCLC Update So, what are our goals for today? Hear what OCLC is doing governance,

OCLC Member Forums 2015 OCLC Update So, what are our goals for today? Hear what OCLC is doing governance, participation, products and services Talk to each other about what you are doing share best practices, tips and tricks

1.57k views • 102 slides
Marina Industry Our goal today Who we are What are our strategic goals Give you three

Marina Industry Our goal today Who we are What are our strategic goals Give you three

The Voice of the Marina Industry Our goal today Who we are What are our strategic goals Give you three reasons for joining AMIs affiliate program Answer your questions Who are we? Association of Marina Industries The

360 views • 17 slides
Outline for Today Course Overview Goals Administrative details CSE 143 Workload

Outline for Today Course Overview Goals Administrative details CSE 143 Workload

Outline for Today Course Overview Goals Administrative details CSE 143 Workload and grading Computer Programming II Resources Welcome! This information is largely included in todays handouts, Course Overview and

288 views • 7 slides
AMP Implementation Workshop 9-13-2013 Goal for today: Draft 3-5 goals that your department

AMP Implementation Workshop 9-13-2013 Goal for today: Draft 3-5 goals that your department

AMP Implementation Workshop 9-13-2013 Goal for today: Draft 3-5 goals that your department is going to focus on that link to the Academic Master Plan AMP connects to multiple items such as performance indicators, enrollment via

333 views • 6 slides
Goals for Today ARE YOU OFF YOUR ROCKER? Discuss the functional demands of the lower extremity

Goals for Today ARE YOU OFF YOUR ROCKER? Discuss the functional demands of the lower extremity

5/7/2013 Goals for Today ARE YOU OFF YOUR ROCKER? Discuss the functional demands of the lower extremity What are they? Absorption vs. Propulsion vs. Transition Muscles Clinical Techniques for Joints Timing Gait Rockers

186 views • 3 slides
Security Subsystem Report: Yama Linux Security Summit 2012 Kees Cook (pronounced

Security Subsystem Report: Yama Linux Security Summit 2012 Kees Cook (pronounced

Security Subsystem Report: Yama Linux Security Summit 2012 Kees Cook (pronounced &quot;Case&quot;) keescook@chromium.org http://outflux.net/slides/2012/lss/lsm/ Overview Past Present Future Past (&quot;ruler of the

194 views • 6 slides
Convex Optimization 8. Geometric Problems Prof. Ying Cui Department of Electrical Engineering

Convex Optimization 8. Geometric Problems Prof. Ying Cui Department of Electrical Engineering

Convex Optimization 8. Geometric Problems Prof. Ying Cui Department of Electrical Engineering Shanghai Jiao Tong University 2018 SJTU Ying Cui 1 / 26 Outline Extremal volume ellipsoids Centering Classification Placement and facility

622 views • 26 slides
Statics 7-1 Systems of Forces Statics problems involve a system of balanced forces.

Statics 7-1 Systems of Forces Statics problems involve a system of balanced forces.

Statics 7-1 Systems of Forces Statics problems involve a system of balanced forces. Professional Publications, Inc. FERC Statics 7-2 NCEES Handbook Sample from the NCEES Handbook: www.ncees.org Professional Publications, Inc. FERC

676 views • 35 slides
Basic hydrodynamics and Introduction to FLASH Kuo-Chuan Pan ( ) Institute of Astronomy,

Basic hydrodynamics and Introduction to FLASH Kuo-Chuan Pan ( ) Institute of Astronomy,

Basic hydrodynamics and Introduction to FLASH Kuo-Chuan Pan ( ) Institute of Astronomy, NTHU 1 Numerical Astrophysics Summer School: Computational Astrophysical Fluid Dynamics, 2019.09.04, IoA, NTHU Outline: Astrophysical

881 views • 70 slides
Widely Used But Out-Of-Tree Kees Cook (that's pronounced Case) kees.cook@canonical.com

Widely Used But Out-Of-Tree Kees Cook (that's pronounced Case) kees.cook@canonical.com

Widely Used But Out-Of-Tree Kees Cook (that's pronounced Case) kees.cook@canonical.com Linux Security Summit Boston, Aug 2010 http://people.canonical.com/~kees/slides/out-of-tree.pdf Internal use only 1 Agenda Past

919 views • 12 slides
Indirect WIMP detection with neutrinos in Hyper-K Yusuke Koshio for Hyper-K astrophysics working

Indirect WIMP detection with neutrinos in Hyper-K Yusuke Koshio for Hyper-K astrophysics working

Indirect WIMP detection with neutrinos in Hyper-K Yusuke Koshio for Hyper-K astrophysics working group Kamioka observatory, ICRR, Univ. of Tokyo Cosmic Frontier Workshop SLAC - March 7, 2013 Neutrinos generated by WIMP annihilation Trap

542 views • 20 slides
HK Cavern Construction Masato Shiozawa (UTokyo) T2HKK Workshop November 21, 2016 1

HK Cavern Construction Masato Shiozawa (UTokyo) T2HKK Workshop November 21, 2016 1

HK Cavern Construction Masato Shiozawa (UTokyo) T2HKK Workshop November 21, 2016 1 Overview of Hyper-K cavern design and excavation is given in my talk Thanks to J.Yamatomi, S. Nakayama, and Hide Tanaka for many slides More

398 views • 19 slides
Neutrino-Oxygen Neutral-Current Elastic Interaction as a Background in Supernova Relic Neutrino

Neutrino-Oxygen Neutral-Current Elastic Interaction as a Background in Supernova Relic Neutrino

16th International Conference on Topics in Astroparticle and Underground Physics September 913, 2019 / Toyama, Japan Neutrino-Oxygen Neutral-Current Elastic Interaction as a Background in Supernova Relic Neutrino Search Yosuke ASHIDA (Kyoto

441 views • 42 slides

More recommend