[patch 0/12] lsm stacking v0.2: intro

serue_at_us.ibm.com
Date: 06/30/05

    Date:	Thu, 30 Jun 2005 14:44:58 -0500
    To: lkml <linux-kernel@vger.kernel.org>

    Hi,

    The set of patches to follow introduces support for stacking LSMs.
    This is its second posting to lkml. I am sending it out in the hopes of
    soliciting feedback and testing, with the obvious eventual goal of
    mainline adoption.

    The patches mainly do the following:

       1. Introduce the stacker LSM.
       2. Change the kernel object void * security fields to be hlists,
          and introduce an api for modules to share these.
       3. Modify SELinux to make use of stacker.
       4. Modify seclvl to use stacker.

    Motivation:

    The purpose of these patches is to enable stacking multiple security
    modules. There are several cases where this would be very useful. It
    eases the testing of new modules with distro kernels, as it makes it
    possible to stack new modules with selinux and capabilities -- for
    instance if a user is running fedora. Second, it enables running
    selinux (or LIDS, etc) with integrity verification modules. (Digsig is
    an example of these, and within a few months hopefully the TPM-enabled
    slim+evm modules, which verify integrity of file contents and extended
    attributes such as selinux contexts
    (http://www.acsac.org/2004/workshop/David-Safford.pdf) will be released
    for mainline inclusion). Thirdly, there are systems where running
    selinux is not practical for footprint reasons, and the security goals
    are easily expressed as a very small module. For instance, it might
    be desirable to confine a web browser on a zaurus, or to implement a
    site security policy on old hardware as per
    http://mail.wirex.com/pipermail/linux-security-module/2005-May/6071.html

    Performance impact of the actual stacker module is negligible. The
    security_{get,set,del,add}_value API does have a small performance
    impact. Please see
    http://marc.theaimsgroup.com/?l=linux-security-module&m=111820455332752&w=2
    and
    http://marc.theaimsgroup.com/?l=linux-security-module&m=111824326500837&w=2
    if interested in the performance results. I am certainly interested in
    ways to further speed up security_get_value.

    thanks,
    -serge
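The two design points in the mail (several modules consulted by one stacker, and per-object security fields turned into a list that modules share by owner) can be modelled in user space. This is an added illustration, not code from the patch set: the function names `sec_add_value`/`sec_get_value`/`sec_del_value`, the toy modules, and the deny-if-any-module-denies composition rule are assumptions made here for the example.

```c
#include <string.h>

/* Constructed user-space model of the stacker idea: each module keeps its own
 * blob on a shared per-object list (replacing the single void *security
 * field), and the stacker runs every module's hook in turn. Names and the
 * composition rule are assumptions, not the patch set's real API. */

#define MAX_VALUES 4
#define DENIED (-1)
struct sec_value { const char *owner; void *data; int used; };
struct kobj { const char *name; struct sec_value vals[MAX_VALUES]; };

/* Attach a module-private blob to the object; fails when no slot is free. */
int sec_add_value(struct kobj *o, const char *owner, void *data) {
    for (int i = 0; i < MAX_VALUES; i++)
        if (!o->vals[i].used) { o->vals[i] = (struct sec_value){ owner, data, 1 }; return 0; }
    return DENIED;
}
/* Look up the blob owned by one module; other modules' blobs stay invisible. */
void *sec_get_value(struct kobj *o, const char *owner) {
    for (int i = 0; i < MAX_VALUES; i++)
        if (o->vals[i].used && !strcmp(o->vals[i].owner, owner)) return o->vals[i].data;
    return NULL;
}
int sec_del_value(struct kobj *o, const char *owner) {
    for (int i = 0; i < MAX_VALUES; i++)
        if (o->vals[i].used && !strcmp(o->vals[i].owner, owner)) { o->vals[i].used = 0; return 0; }
    return DENIED;
}

struct module { const char *name; int (*file_open)(struct module *, struct kobj *); };
/* Toy label module: denies objects it has labelled "untrusted". */
static int label_open(struct module *m, struct kobj *f) {
    const char *label = sec_get_value(f, m->name);
    return (label && !strcmp(label, "untrusted")) ? DENIED : 0;
}
/* Toy integrity module: denies unless its own blob records a verified content. */
static int integrity_open(struct module *m, struct kobj *f) {
    int *verified = sec_get_value(f, m->name);
    return (verified && *verified) ? 0 : DENIED;
}
/* Stacker hook: every registered module is consulted; the first denial wins. */
int stacker_file_open(struct module *mods, int n, struct kobj *f) {
    for (int i = 0; i < n; i++) { int rc = mods[i].file_open(&mods[i], f); if (rc) return rc; }
    return 0;
}
```

Note that a module never sees another module's blob: the label module only reads the slot it owns, which is what lets SELinux and an integrity module coexist on one object.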
