On Sat, Jun 30, 2007 at 08:21:52PM -0400, Kyle Moffett wrote:That's why you'd need to call an LSM hook to get a unique identifier, as the LSM would actually need to allocate identifiers for equivalence classes. Secondly, processes may change labels as they run, so you couldn't just call it once and cache the result, you would need to call it for every freed page (or every re-use of a page).
Davide's patch adds a owner_uid field to mm_struct. Assuming that turns
into a "mm security equivalence class identifier", the LSM can simply
update it when a label-change-event occurs. No need to call out to
(potentially heavyweight!) LSM code in page allocation critical paths.
I'm a bit concerned that tracking the equivalence classes will get
expensive. I think you can end up with quadratic explosion in the worst
case (every user using every permutation of LSM bits).