Need opinion on IPC structures

From: Chris Vance (cvanceat_private)
Date: Mon Jun 11 2001 - 12:31:19 PDT

  • Next message: Chris Wright: "Re: Need opinion on IPC structures"

    Moving forward with SELinux, I have begun to working with IPC. 
    
    In order to make intelligent access decisions, LSM modules will likely
    need access to several of the kernel IPC structures. Currently some of
    these structures are not available externally. In particular:
    
    	struct shmid_kernel is defined in ipc/shm.c
    	struct msg_queue    is defined in ipc/msg.c
    	struct msg_msg      is defined in ipc/msg.c
    
    I am proposing that these structures (and dependencies) be moved into
    the appropriate header files (shm.h and msg.h), within '#ifdef
    __KERNEL__' tags.
    
    By doing this, the structures will be available to LSM modules.
    
    I will also be adding an a security field (void *) to struct
    kern_ipc_perm and struct msg_msg.
    
    I'm looking for opinions or alternatives.  If there are no objections, I
    will do as I proposed and submit a patch in a couple days that
    incorporates this change, as well as some proposed LSM hook insertion
    points for IPC.
    
    Note, there aren't any issues with semaphores, the appropriate
    structure (struct sem_array) is already available in
    include/linux/sem.h.
    
    This all appears to be part of the reorganization that occurred
    between the 2.2 and 2.4 kernels.
    
    chris.
    
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Mon Jun 11 2001 - 12:33:25 PDT