www.sf.net/projects/lsm-stacker has a new update of the stacker patches. I've gone back to most things lockless for the sake of performance. See item #4 under the updates for the RCU(-less) info, and the file stacker_rcu_test.txt (in the latest sourceforge release) for some performance data. See item #2 for the rwlock(-less) info. Both require some extra knowledge from module writers which is not yet reflected in Documentation/security-stacking.txt.

thanks,
-serge

Patches are against 2.6.11-rc4-bk9. Apply the patches in the following order:

    mod_verify_ops.patch
    lsm-chain.patch
    stacker.patch
    seclvl-quickfix.patch
    seclvl-stack.patch
    selinux-stack.patch

Updates:

1. mod_verify_ops.patch: Do not substitute dummy_ hooks in place of NULL ones on mod_reg_security().

2. lsm-chain.patch: removed rwlock from security_set_value, security_get_value, and security_del_value operations. It is expected that security_del_value is only called from the security_free_* operation (ie security_free_inode), and that security_set_value only be called from security_alloc_*. A new, spinlock-protected function, security_add_value, can be used to add a security value at a later time. Look at the digsig.c.patch for sample usage.

3. stacker.patch: RCU is no longer used to protect the module list. Modules which do not use security_*_value() should still safely be able to unregister themselves. Modules which do use these should prevent themselves being unloaded using try_module_get(THIS_MODULE). They can still be disabled using

    echo -n module_name > /sys/stacker/unload

The module's security_free_* hooks will still be called, but no others. If a module keeps all its allocated kernel object data in a list so that it is able to delete it all on unload, then it could still allow itself to be unloaded.

4. stacker_rcu_test.txt: This lists the results of comparing a set of kernel compiles and LMBench with 5 test LSMs (see stackperf1.c) loaded under stacker with and without RCU on a 32-cpu system. Results show 3% performance drop on a kernel compile in the RCU protected version.

5. seclvl-quickfix.patch: Ignore this file, as it is a set of temporary fixes until Michael Halcrow's seclvl patches are accepted upstream.

6. seclvl-stack.patch: This does not use security_add_value(), and therefore this version should be compiled into the kernel.

7. selinux-stack.patch: Main difference is that when selinux is compiled in, the stackable capabilities module (cap_stack.ko) is now required.

-- 
Serge Hallyn <serue@private>
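Added example (not code from the stacker patches or from Serge): a userspace C model of the locking contract item 2 describes. security_set_value() and security_del_value() stay lockless because they may only run from the security_alloc_* and security_free_* hooks, when no other CPU can hold the object, while security_add_value() takes a spinlock because the object may already be in use. The struct layout, function signatures and the atomic_flag spinlock are assumptions made for this illustration, not the patch's actual API.

```c
#include <stdatomic.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
struct sec_value {            /* one module's blob, chained per kernel object */
    const char *module;
    void *data;
    struct sec_value *next;
};
struct sec_obj {              /* assumed stand-in for an inode, task, etc. */
    struct sec_value *head;
    atomic_flag lock;         /* spinlock, taken only by security_add_value() */
};

void security_alloc_obj(struct sec_obj *o) {
    o->head = NULL;
    atomic_flag_clear(&o->lock);
}
/* Lockless: legal only from security_alloc_*, before the object is visible. */
int security_set_value(struct sec_obj *o, const char *module, void *data) {
    struct sec_value *v = malloc(sizeof *v);
    if (!v) return -1;
    v->module = module; v->data = data; v->next = o->head; o->head = v;
    return 0;
}
/* Lockless read: walks the chain, no lock taken on the hot path. */
void *security_get_value(const struct sec_obj *o, const char *module) {
    for (const struct sec_value *v = o->head; v; v = v->next)
        if (strcmp(v->module, module) == 0) return v->data;
    return NULL;
}
/* Later addition: the object may already be in use, so serialise writers and
 * publish with one pointer store so a lockless reader sees old or new chain. */
int security_add_value(struct sec_obj *o, const char *module, void *data) {
    struct sec_value *v = malloc(sizeof *v);
    if (!v) return -1;
    v->module = module; v->data = data;
    while (atomic_flag_test_and_set(&o->lock)) ;  /* spin until acquired */
    v->next = o->head; o->head = v;
    atomic_flag_clear(&o->lock);
    return 0;
}
/* Lockless: legal only from security_free_*, when nobody else holds the object. */
void security_del_value(struct sec_obj *o, const char *module) {
    for (struct sec_value **pp = &o->head; *pp; pp = &(*pp)->next)
        if (strcmp((*pp)->module, module) == 0) {
            struct sec_value *dead = *pp; *pp = dead->next; free(dead); return;
        }
}
```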
This archive was generated by hypermail 2.1.3 : Mon Feb 21 2005 - 10:49:48 PST