On Thu, Sep 20, 2012 at 1:29 PM, Andrew Morton
wrote:
> On Fri, 7 Sep 2012 11:38:13 -0700
> Kees Cook wrote:
>
>> Instead of (or in addition to) kernel module signing, being able to reason
>> about the origin of a kernel module would be valuable in situations
>> where an OS already trusts a spec
On Fri, 7 Sep 2012 11:38:13 -0700
Kees Cook wrote:
> Instead of (or in addition to) kernel module signing, being able to reason
> about the origin of a kernel module would be valuable in situations
> where an OS already trusts a specific file system, file, etc, due to
> things like security labe
On Fri, 2012-09-07 at 11:38 -0700, Kees Cook wrote:
> Now that kernel module origins can be reasoned about, provide a hook to
> the LSMs to make policy decisions about the module file.
>
> Signed-off-by: Kees Cook
> Acked-by: Serge E. Hallyn
> ---
> include/linux/security.h | 13 +
Acked-by: Eric Paris
On Fri, Sep 7, 2012 at 2:38 PM, Kees Cook wrote:
> Now that kernel module origins can be reasoned about, provide a hook to
> the LSMs to make policy decisions about the module file.
>
> Signed-off-by: Kees Cook
> Acked-by: Serge E. Hallyn
> ---
> include/linux/security.h
Now that kernel module origins can be reasoned about, provide a hook to
the LSMs to make policy decisions about the module file.
Signed-off-by: Kees Cook
Acked-by: Serge E. Hallyn
---
include/linux/security.h | 13 +
kernel/module.c |9 +
security/capability.c
Now that kernel module origins can be reasoned about, provide a hook to
the LSMs to make policy decisions about the module file.
Signed-off-by: Kees Cook
Acked-by: Serge E. Hallyn
---
include/linux/security.h | 13 +
kernel/module.c |9 +
security/capability.c
Quoting Kees Cook (keesc...@chromium.org):
> Now that kernel module origins can be reasoned about, provide a hook to
> the LSMs to make policy decisions about the module file.
>
> Signed-off-by: Kees Cook
Acked-by: Serge E. Hallyn
> ---
> include/linux/security.h | 11 +++
> kernel/
Now that kernel module origins can be reasoned about, provide a hook to
the LSMs to make policy decisions about the module file.
Signed-off-by: Kees Cook
---
include/linux/security.h | 11 +++
kernel/module.c |7 +++
security/capability.c|6 ++
security/sec
8 matches
Mail list logo