On Thu, Sep 20, 2012 at 1:29 PM, Andrew Morton
wrote:
> On Fri, 7 Sep 2012 11:38:13 -0700
> Kees Cook wrote:
>
>> Instead of (or in addition to) kernel module signing, being able to reason
>> about the origin of a kernel module would be valuable in situations
>> where an OS already trusts a
On Fri, 7 Sep 2012 11:38:13 -0700
Kees Cook wrote:
> Instead of (or in addition to) kernel module signing, being able to reason
> about the origin of a kernel module would be valuable in situations
> where an OS already trusts a specific file system, file, etc, due to
> things like security
On Fri, 7 Sep 2012 11:38:13 -0700
Kees Cook keesc...@chromium.org wrote:
Instead of (or in addition to) kernel module signing, being able to reason
about the origin of a kernel module would be valuable in situations
where an OS already trusts a specific file system, file, etc, due to
things
On Thu, Sep 20, 2012 at 1:29 PM, Andrew Morton
a...@linux-foundation.org wrote:
On Fri, 7 Sep 2012 11:38:13 -0700
Kees Cook keesc...@chromium.org wrote:
Instead of (or in addition to) kernel module signing, being able to reason
about the origin of a kernel module would be valuable in
On Fri, 2012-09-07 at 11:38 -0700, Kees Cook wrote:
> Now that kernel module origins can be reasoned about, provide a hook to
> the LSMs to make policy decisions about the module file.
>
> Signed-off-by: Kees Cook
> Acked-by: Serge E. Hallyn
> ---
> include/linux/security.h | 13
Acked-by: Eric Paris
On Fri, Sep 7, 2012 at 2:38 PM, Kees Cook wrote:
> Now that kernel module origins can be reasoned about, provide a hook to
> the LSMs to make policy decisions about the module file.
>
> Signed-off-by: Kees Cook
> Acked-by: Serge E. Hallyn
> ---
> include/linux/security.h
Now that kernel module origins can be reasoned about, provide a hook to
the LSMs to make policy decisions about the module file.
Signed-off-by: Kees Cook
Acked-by: Serge E. Hallyn
---
include/linux/security.h | 13 +
kernel/module.c |9 +
Now that kernel module origins can be reasoned about, provide a hook to
the LSMs to make policy decisions about the module file.
Signed-off-by: Kees Cook keesc...@chromium.org
Acked-by: Serge E. Hallyn serge.hal...@canonical.com
---
include/linux/security.h | 13 +
kernel/module.c
Acked-by: Eric Paris epa...@redhat.com
On Fri, Sep 7, 2012 at 2:38 PM, Kees Cook keesc...@chromium.org wrote:
Now that kernel module origins can be reasoned about, provide a hook to
the LSMs to make policy decisions about the module file.
Signed-off-by: Kees Cook keesc...@chromium.org
On Fri, 2012-09-07 at 11:38 -0700, Kees Cook wrote:
Now that kernel module origins can be reasoned about, provide a hook to
the LSMs to make policy decisions about the module file.
Signed-off-by: Kees Cook keesc...@chromium.org
Acked-by: Serge E. Hallyn serge.hal...@canonical.com
---
Now that kernel module origins can be reasoned about, provide a hook to
the LSMs to make policy decisions about the module file.
Signed-off-by: Kees Cook
Acked-by: Serge E. Hallyn
---
include/linux/security.h | 13 +
kernel/module.c |9 +
Now that kernel module origins can be reasoned about, provide a hook to
the LSMs to make policy decisions about the module file.
Signed-off-by: Kees Cook keesc...@chromium.org
Acked-by: Serge E. Hallyn serge.hal...@canonical.com
---
include/linux/security.h | 13 +
kernel/module.c
Quoting Kees Cook (keesc...@chromium.org):
> Now that kernel module origins can be reasoned about, provide a hook to
> the LSMs to make policy decisions about the module file.
>
> Signed-off-by: Kees Cook
Acked-by: Serge E. Hallyn
> ---
> include/linux/security.h | 11 +++
>
Quoting Kees Cook (keesc...@chromium.org):
Now that kernel module origins can be reasoned about, provide a hook to
the LSMs to make policy decisions about the module file.
Signed-off-by: Kees Cook keesc...@chromium.org
Acked-by: Serge E. Hallyn serge.hal...@canonical.com
---
Now that kernel module origins can be reasoned about, provide a hook to
the LSMs to make policy decisions about the module file.
Signed-off-by: Kees Cook
---
include/linux/security.h | 11 +++
kernel/module.c |7 +++
security/capability.c|6 ++
Now that kernel module origins can be reasoned about, provide a hook to
the LSMs to make policy decisions about the module file.
Signed-off-by: Kees Cook keesc...@chromium.org
---
include/linux/security.h | 11 +++
kernel/module.c |7 +++
security/capability.c|
16 matches
Mail list logo