The hook I mean is the call to security_ops->xxxx(), I can not find these codes in pristine kernel.(I read kernel 2.5.70)
These codes is added in additional LSM patch.
like in sys_reboot:
retval=secrutiy_reboot(cmd);
if(retval) {
return retval;
}
I'm not very clear about the relationship between the code already in pristine kernel and the additional LSM patch.
For my understanding, the pristine kernel part is the framework, and the additional patch is some real policy module,
The definition for security framework shall include the hook API and call position for these API. but why the call to
the hooks is not in the pristine kernel?
> -----Original Message-----
> From: Greg KH [mailto:gregat_private]
> Sent: Monday, June 23, 2003 11:53 AM
> To: Ling, Xiaofeng
> Cc: linux-security-moduleat_private
> Subject: Re: about LSM in kernel 2.5
>
>
> On Mon, Jun 23, 2003 at 11:27:17AM +0800, Ling, Xiaofeng wrote:
> > Hi,
> > I have read the code about LSM in kernel 2.5, It seems
> there is no any hook being
> > added in kernel source, does it mean if anyone want to
> implement a secuirty module,
> > he/she must add these hooks by themself?
>
> No, LSM is already in the kernel, along with the hooks. You can
> implement a security module today without having to add any hooks, see
> the example root_plug security module for such an example.
>
> Hope this helps,
>
> greg k-h
>
_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Sun Jun 22 2003 - 22:27:15 PDT