The attached (gzipped) patch, relative to a vanilla 2.5.25 (or alternatively to vanilla 2.5.25+ipc.patch), contains the basic changes for the LSM framework along with only the task and binprm hooks and corresponding dummy and capability modules. I also included several "top-level" hooks that seemed to fit with the task hooks and were important for providing a useable kernel. The resulting kernel can be built and booted, and should function identically to an unmodified Linux kernel when the capability module is built-in or inserted. The dummy module should mostly function as expected for traditional superuser logic, but will run into a denial on netlink messages due to the lack of the netlink changes in this patch. This patch is intended to serve as a starting point for splitting up the LSM patch. Feel free to suggest further reductions to this patch (e.g. we could easily separate the sys_security system call) or additions to this patch (e.g. we could easily add other top-level "system" hooks). I don't think we want to try to separate the task hooks from the binprm hooks or remove the capable changes from this patch, as the resulting patch would likely leave the kernel in an unuseable state. My thinking is that we would use a patch like this one as the base LSM patch, with separate patches for the super_block+inode+file hooks, the IPC hooks, the socket hooks, and the networking hooks. -- Stephen D. Smalley, NAI Labs ssmalleyat_private
This archive was generated by hypermail 2b30 : Tue Jul 16 2002 - 09:32:00 PDT