Hello. Regarding TOMOYO 1.x and CaitSith, it turned out that there is a possibility of lockup problem mentioned at https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4449a51a7c281602 within the garbage collection when deleting domains by writing "delete $domainname". Therefore, I released an update.
There is no report that this problem occurred in TOMOYO or CaitSith. AKARI and TOMOYO 2.x are not affected. Also, TOMOYO 1.x with CONFIG_CCSECURITY_USE_EXTERNAL_TASK_SECURITY enabled and CaitSith with CONFIG_CAITSITH_USE_EXTERNAL_TASK_SECURITY enabled are not affected. The latest files which include patches for Linux 4.10 are shown below. ccs-patch-1.8.5-20170220.tar.gz MD5:ffff646d85482eb92c52ebbdfe43fc30 akari-1.0.36-20170220.tar.gz MD5:66665b863de0414c6dd63cf6a43b7999 caitsith-patch-0.2-20170220.tar.gz MD5:eeee437baa5c0419f2abbfdb1eb70361 There are updated tools packages, though I was too busy to announce. The screen transition rule of the policy editor in tomoyo-tools 2.5 became same with ccs-tools 1.8. ccs-tools-1.8.5-20170102.tar.gz MD5:44446af8b01e92c1605c0460b7dc97d2 tomoyo-tools-2.5.0-20170102.tar.gz MD5:888804d58742452fe213a68f7eadd0ad caitsith-tools-0.2-20161229.tar.gz MD5:555555ed7ed21547d8d6d2285157c126 Recently, changes for kernel hardening seems to be actively merged. For example, in kernels built with CONFIG_RANDOMIZE_BASE enabled, though there will be no problem for AKARI, the addresses AKARI reports and the addresses recorded in System.map no longer match. Also, changes which add "const" attribute as much as possible, and/or add "read only" attribute after initialization completes are proposed. The array of "struct security_hook_list" which is used for LSM hooks is also subjected to this add "read only" attribute after initialization completed proposal. It might become difficult to load modules like AKARI which interrupts into LSM hooks. Kernel modules used by antivirus software for on-access scanning which interrupt into LSM hooks might be also affected. Note that since LSM framework is already ready to register multiple LSM modules (though there are several restrictions remaining), it seems that proposing such kernel modules to upstream with modifications for upstream will be welcomed ( http://www.openwall.com/lists/kernel-hardening/2017/02/17/15 ). As for the rest, it seems that the security_task_alloc() hook which was removed in Linux 2.6.29 is about to be revived for the first time in a decade, due to proposal of new LSM modules (e.g. ptags, Timgad) which want to manage security attributes for per "struct task_struct" basis rather than per "struct cred" basis. For TOMOYO which was named due to use of per "struct task_struct" basis management, names and natures will agree. ;-) _______________________________________________ tomoyo-users-en mailing list tomoyo-users-en@lists.osdn.me http://lists.osdn.me/mailman/listinfo/tomoyo-users-en
