Quoting Tony Jones (tonyj@private):

> Hi Serge,
>
> I have a question about stacker_vm_enough_memory.
>
> I note that SELinux doesn't implement the vm_enough_memory hook right now, so
> fixup_ops gives them dummy_vm_enough_memory. Same for our module currently
> in an unstacked setup.
>
> For stacker, if no module is registered, stacker_vm_enough_memory calls
> capable() rather than dummy_capable() [but the problem would be the same
> if capability was the first module in the list (or any module whose
> vm_enough_memory hook called capable()).]
>
> The issue is that if any module in the chain tries to do any auditing based
> on rejecting capable() things get quite noisy.

Another good catch. Stacker should not be using capable, but IMO that is
because it should not be setting PF_SUPERPRIV if the request was granted.

So I believe stacker should loop through each stacked module's capable()
function for an answer. But that would still call your module's capable().
I take it that is not sufficient? What would you suggest? Always using
default_module->capable()?

> I would imagine selinux auditing, if enabled, would see a similar problem.
> Places in the kernel which modify a request rather than rejecting it based on
> the result of capable() seem few at present.

I'm not sure what you mean by this.

thanks,
-serge
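The three options the exchange above weighs (the kernel-wide capable(), a loop over every stacked module's capable hook, or only default_module->capable()) differ in their side effects rather than just their answer. The following is an added user-space model written for this archive page; it is not kernel code and not part of the LSM stacker. The struct lsm_module type, the stacker_ask_* functions, the audit counter and the two toy modules are invented for the model; only the PF_SUPERPRIV bit and the capability numbers are taken from Linux. It reproduces the behaviour Tony describes: asking through capable() marks the task PF_SUPERPRIV when granted and makes an auditing module log a denial even though vm_enough_memory only uses the answer to adjust an overcommit heuristic.

```c
/*
 * Added model of how a stacked LSM's vm_enough_memory hook might ask the
 * CAP_SYS_ADMIN question. Not kernel code; names marked "model only" are
 * invented for this illustration.
 */
#include <stdio.h>

#define CAP_SYS_ADMIN    21          /* real Linux capability number */
#define CAP_SYS_RESOURCE 24          /* real Linux capability number */
#define PF_SUPERPRIV     0x00000100  /* real Linux task flag bit */

/* Stand-in for current->flags (model only). */
struct task { unsigned long flags; };
static struct task current_task;

/* Number of audit records the auditing module has emitted (model only). */
static int audit_records;

/* LSM convention: 0 means granted, nonzero means denied. */
typedef int (*capable_fn)(int cap);

struct lsm_module {              /* model only */
    const char *name;
    capable_fn  capable;
};

/* Toy "capability" module: grants everything (model only). */
static int permissive_capable(int cap) { (void)cap; return 0; }

/* Toy auditing module: denies CAP_SYS_ADMIN and audits each denial,
 * which is the "noisy" behaviour described in the thread (model only). */
static int auditing_capable(int cap)
{
    if (cap == CAP_SYS_ADMIN) {
        audit_records++;
        printf("audit: denied cap %d\n", cap);
        return 1;
    }
    return 0;
}

/* Registered modules; index 0 plays the role of default_module. */
static struct lsm_module stack[] = {
    { "capability", permissive_capable },
    { "auditing",   auditing_capable },
};
#define NSTACK (sizeof stack / sizeof stack[0])

/* Stacker's capable hook: every stacked module must grant. */
static int stacker_capable(int cap)
{
    for (size_t i = 0; i < NSTACK; i++)
        if (stack[i].capable(cap) != 0)
            return 1;
    return 0;
}

/* Model of the kernel-wide capable(): consults the security ops (the
 * stacker here) and, when granted, marks the task as having used a
 * privilege by setting PF_SUPERPRIV. */
static int kernel_capable(int cap)
{
    if (stacker_capable(cap) == 0) {
        current_task.flags |= PF_SUPERPRIV;
        return 1;
    }
    return 0;
}

static void reset_state(void) { current_task.flags = 0; audit_records = 0; }

/* Option 1: what stacker_vm_enough_memory does today. Returns 1 if granted. */
int stacker_ask_via_capable(int cap)
{
    reset_state();
    return kernel_capable(cap);
}

/* Option 2: loop over each stacked module's capable hook directly. */
int stacker_ask_each_module(int cap)
{
    reset_state();
    return stacker_capable(cap) == 0;
}

/* Option 3: ask only default_module->capable(). */
int stacker_ask_default_module(int cap)
{
    reset_state();
    return stack[0].capable(cap) == 0;
}

int task_used_superpriv(void) { return (current_task.flags & PF_SUPERPRIV) != 0; }
int audit_count(void) { return audit_records; }

static void report(const char *label, int granted)
{
    printf("%-16s granted=%d superpriv=%d audits=%d\n",
           label, granted, task_used_superpriv(), audit_count());
}

int main(void)
{
    int g;
    g = stacker_ask_via_capable(CAP_SYS_ADMIN);     report("via capable():", g);
    g = stacker_ask_via_capable(CAP_SYS_RESOURCE);  report("via capable():", g);
    g = stacker_ask_each_module(CAP_SYS_ADMIN);     report("each module:", g);
    g = stacker_ask_each_module(CAP_SYS_RESOURCE);  report("each module:", g);
    g = stacker_ask_default_module(CAP_SYS_ADMIN);  report("default module:", g);
    return 0;
}
```

Running the model shows the trade-off: option 2 stops PF_SUPERPRIV from being set, but the auditing module's hook still runs and still logs a denial for CAP_SYS_ADMIN; only option 3 silences it, at the cost of consulting one module alone.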
This archive was generated by hypermail 2.1.3 : Tue Jun 28 2005 - 19:38:51 PDT