Re: [PATCH v4 15/19] LSM: Infrastructure management of the task security

From: Kees Cook
Date: Fri Sep 21 2018 - 22:56:27 EST

Next message: Kees Cook: "Re: [PATCH v4 16/19] SELinux: Abstract use of ipc security blobs"
Previous message: Kees Cook: "Re: [PATCH v4 14/19] LSM: Infrastructure management of the inode security"
In reply to: Casey Schaufler: "[PATCH v4 15/19] LSM: Infrastructure management of the task security"
Next in thread: Casey Schaufler: "[PATCH v4 16/19] SELinux: Abstract use of ipc security blobs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Sep 21, 2018 at 5:19 PM, Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote:
> Move management of the task_struct->security blob out
> of the individual security modules and into the security
> infrastructure. Instead of allocating the blobs from within
> the modules the modules tell the infrastructure how much
> space is required, and the space is allocated there.
> The only user of this blob is AppArmor. The AppArmor use
> is abstracted to avoid future conflict.
>
> Signed-off-by: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>

Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

-Kees

--
Kees Cook
Pixel Security

Next message: Kees Cook: "Re: [PATCH v4 16/19] SELinux: Abstract use of ipc security blobs"
Previous message: Kees Cook: "Re: [PATCH v4 14/19] LSM: Infrastructure management of the inode security"
In reply to: Casey Schaufler: "[PATCH v4 15/19] LSM: Infrastructure management of the task security"
Next in thread: Casey Schaufler: "[PATCH v4 16/19] SELinux: Abstract use of ipc security blobs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]