Re: Possible system call interface for LSM

• Previous message: Jesse Pollard: "Re: Possible system call interface for LSM"
• In reply to: Seth Arnold: "Re: Possible system call interface for LSM"
• Next in thread: richard offer: "Re: Possible system call interface for LSM"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Seth Arnold  wrote:
>Please forgive my ignorance, but is it common for kernel space to call
>syscalls?

No.

(One exception includes loadable kernel modules that use syscall
interposition for security, but I expect that once LSM is in place,
they can be largely converted to use LSM hooks instead of syscall
interposition.)

Syscall interposition in the kernel is a bit of a can of worms,
if you want to handle it in full generality.  User/kernel pointers,
SMP, locking, and portability issues are annoying, and writing code
to handle execve() is a good way to lose your lunch.

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: David Wagner: "Re: Possible system call interface for LSM"
• Previous message: Jesse Pollard: "Re: Possible system call interface for LSM"
• In reply to: Seth Arnold: "Re: Possible system call interface for LSM"
• Next in thread: richard offer: "Re: Possible system call interface for LSM"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Aug 09 2001 - 15:32:38 PDT