Re: if loaded 2 security modules how does it work in kernel?

Previous message: Valdis.Kletnieksat_private: "Re: if loaded 2 security modules how does it work in kernel?"
In reply to: Wade Yin: "if loaded 2 security modules how does it work in kernel?"
Next in thread: Crispin Cowan: "Re: if loaded 2 security modules how does it work in kernel?"
Reply: Crispin Cowan: "Re: if loaded 2 security modules how does it work in kernel?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

chrisat_private

* Wade Yin (hdyinat_private-info.com) wrote:
>    I try to figure out that if I loaded 2 security modules in the
> kernel, eg. one is SELinux TE&RBAC security module  the other is X
> security module, how does the kernel consult the 2 policy modules?
> Both them implemnted the LSM hook functions, the kernel will call the 2
> hooks ?  how does it do it?

The kernel will only call the primary module's callback functions (the
module that uses register_security().  Later modules can register
directly with the primary module to form a stack of modules using
mod_reg_security().  The primary module is responsible for multiplexing
the acces control decision and returning success or fail to the kernel.

thanks,
-chris
-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net
_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module