> In DSI project, the security policy file is written on XML, it is parsed > in user space and then the info is sent to our Linux kernel module dsm, > through sysfs. you could have a look at our source code, > http://sourceforge.net/projects/disec/ consider downloading the > disec-0.4 package. hi, Makan: The implementation of parsing policy in DSI is followed: (1) In file lsm/startup.c, dsi_fops is defined and register a char device when boot up: device_file_major = register_chrdev (0, "DSI_module", &dsi_fops); Its write and read operation is dsi_write() and dsi_read() function, defined in lsm/dsi_dev.c (2) In file common/src/dsiCommonCharDevice.c, callCharDevice() is defined. When the policy is updated, this function is called in file usr/tools/UpdatePolicy.cpp. (3) The parameters between userspace and kernelspace is in hook function dsi_sys_security(). But this hook is removed in 2.6. I do not know whether the procedure is right. But as described in (3), sys_security hook is removed from 2.6 . Then how can we do?
This archive was generated by hypermail 2.1.3 : Sun Sep 12 2004 - 01:44:59 PDT