|
Message-Id: <201702061949.HGE43791.FFFtJVSHQOOLOM@I-love.SAKURA.ne.jp> Date: Mon, 6 Feb 2017 19:49:49 +0900 From: Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp> To: tixxdz@...il.com Cc: linux-kernel@...r.kernel.org, kernel-hardening@...ts.openwall.com, linux-security-module@...r.kernel.org, keescook@...omium.org, akpm@...ux-foundation.org, wluikil@...il.com, dongsu@...ocode.com, luto@...nel.org, james.l.morris@...cle.com, serge@...lyn.com, viro@...iv.linux.org.uk, daniel@...que.org, jann@...jh.net, elena.reshetova@...el.com Subject: Re: [RFC/PATCH 1/3] security: add the security_task_copy() hook Djalal Harouni wrote: > To achieve the above we add the security_task_copy() hook that allows us > to clone the Timgad context of parent into child task_struct. > > The security hook can also be used by new LSMs after the child task has > done some initialization, this way they won't clash with the major LSMs. > The situation is not really well, this hook allows us to introduce a > stackable LSM that can be easily used with all other LSMs. We are already planning to revive security_task_alloc() hook (probably in Linux 4.12) ( news://news.gmane.org:119/201701101958.JAD43709.OtJSOQFVFOLHMF@...ove.SAKURA.ne.jp ). Is security_task_alloc() called too early for your case? (Well, we want to configure http archive like marc.info ?)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.