Re: about LSM in kernel 2.5

From: Valdis.Kletnieksat_private
Date: Mon Jun 23 2003 - 11:16:32 PDT

  • Next message: Stephen Smalley: "Re: [RFC][PATCH] Security hook for vm_enough_memory"

    On Mon, 23 Jun 2003 13:26:41 +0800, "Ling, Xiaofeng" said:
    > The hook I mean is the call to security_ops->xxxx(), I can not find these cod
    es in pristine kernel.(I read kernel 2.5.70)
    > These codes is added in additional LSM patch. 
    
    OH.. *NOW* I see the confusion.
    
    The file patch-2.5.72-lsm1.gz includes a *FEW* calls to security_ops->x()
    that are not part of the main kernel yet.  There's probably on the order of
    several hundred of them *already* squirreled throughout the source tree, often
    fairly hard to spot since they're little 2-3 line of code pieces in a million
    lines of code.  We've been pushing the patches to Linus a few hooks at a time,
    and what's in the lsm-1 patch are *only* the hooks that we've coded and not
    gotten into the Linus kernel yet.
    
    This is similar to how Andrew Morton's -mm series, Martin Bligh's -mjb series,
    William Irwin's -wli series, or the -odsl series of patches all include code
    that for one reason or another isn't in the Linus kernel.
    
    Hints for those searching for the hooks already in the tree:  The new calls are
    often somewhere near where older kernel trees had suser() or capable() calls..
    
    
    
    

    _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module



    This archive was generated by hypermail 2b30 : Mon Jun 23 2003 - 11:17:06 PDT