Re: Possible system call interface for LSM

• Previous message: jmjonesat_private: "Re: Possible system call interface for LSM"
• In reply to: Crispin Cowan: "Re: Possible system call interface for LSM"
• Next in thread: Crispin Cowan: "Re: Possible system call interface for LSM"
• Next in thread: jmjonesat_private: "Re: Possible system call interface for LSM"
• Reply: Crispin Cowan: "Re: Possible system call interface for LSM"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Crispin Cowan  wrote:
>David Wagner wrote:
>Ok.  So the LSM syscall and the LSM rmmod need an interlock.  [...]

I believe it's more pervasive than this.  The app is going to check
whether SELinux is present and cache this information.  If this
information becomes incorrected (by a rmmod), we need some way to inform
the app to invalidate its cache entry.

(The app might be quiescent during the rmmod/insmod period, but then wake
back up after the insmod of a new module, and still have laying around
its old, incorrect cached information about which module is in place.)

Am I overlooking something?

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Crispin Cowan: "Re: Possible system call interface for LSM"
• Previous message: jmjonesat_private: "Re: Possible system call interface for LSM"
• In reply to: Crispin Cowan: "Re: Possible system call interface for LSM"
• Next in thread: Crispin Cowan: "Re: Possible system call interface for LSM"
• Next in thread: jmjonesat_private: "Re: Possible system call interface for LSM"
• Reply: Crispin Cowan: "Re: Possible system call interface for LSM"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Aug 10 2001 - 19:23:06 PDT