[patch 0/12] lsm stacking v0.2: intro

Hi,

The set of patches to follow introduces support for stacking LSMs.
This is its second posting to lkml.  I am sending it out in the hopes of
soliciting feedback and testing, with the obvious eventual goal of
mainline adoption.

The patches mainly do the following:

   1. Introduce the stacker LSM.
   2. Change the kernel object void * security fields to be hlists,
      and introduce an api for modules to share these.
   3. Modify SELinux to make use of stacker.
   4. Modify seclvl to use stacker.

Motivation:

The purpose of these patches is to enable stacking multiple security
modules.  There are several cases where this would be very useful.  It
eases the testing of new modules with distro kernels, as it makes it
possible to stack new modules with selinux and capabilities -- for
instance if a user is running fedora.  Second, it enables running
selinux (or LIDS, etc) with integrity verification modules.  (Digsig is
an example of these, and within a few months hopefully the TPM-enabled
slim+evm modules, which verifies integrity of file contents and extended
attributes such as selinux contexts
(http://www.acsac.org/2004/workshop/David-Safford.pdf) will be released
for mainline inclusion).  Thirdly, there are systems where running
selinux is not practical for footprint reasons, and the security goals
are easily expressed as a very small module.  For instance, it might
be desirable to confine a web browser on a zaurus, or to implement a
site security policy on old hardware as per
http://mail.wirex.com/pipermail/linux-security-module/2005-May/6071.html

Performance impact of the actual stacker module is negligable.  The
security_{get,set,del,add}_value API does have a small performance
impact.  Please see
http://marc.theaimsgroup.com/?l=linux-security-module&m=111820455332752&w=2
and
http://marc.theaimsgroup.com/?l=linux-security-module&m=111824326500837&w=2
if interested in the performance results.  I am certainly interested in
ways to further speed up security_get_value.

thanks,
-serge
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Follow-Ups:
- [patch 8/12] lsm stacking v0.2: selinux: use security_*_value API
  - From: [email protected]
- [patch 11/12] lsm stacking v0.2: /proc/$$/attr/ sharing
  - From: [email protected]
- [patch 12/12] lsm stacking v0.2: update seclvl for stacking
  - From: [email protected]
- [patch 6/12] lsm stacking v0.2: stackable capability lsm
  - From: [email protected]
- [patch 9/12] lsm stacking v0.2: selinux: remove secondary support
  - From: [email protected]
- [patch 7/12] lsm stacking v0.2: selinux: update security structs
  - From: [email protected]
- [patch 10/12] lsm stacking v0.2: hook completeness verification
  - From: [email protected]
- [patch 5/12] lsm stacking v0.2: actual stacker module
  - From: [email protected]
- [patch 1/12] lsm stacking v0.2: don't default to dummy_##hook
  - From: [email protected]
- [patch 4/12] lsm stacking v0.2: stacker documentation
  - From: [email protected]
- [patch 2/12] lsm stacking v0.2: replace void* security with hlist
  - From: [email protected]
- [patch 3/12] lsm stacking v0.2: introduce security_*_value API
  - From: [email protected]

Prev by Date: Re: Problem with inotify
Next by Date: Re: FUSE merging?
Previous by thread: Linux 2.6.12.1 gives panic with ata_piix (irq 11: nobody cared!)
Next by thread: [patch 3/12] lsm stacking v0.2: introduce security_*_value API
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Stuff] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind] [Linux Resources]