Weekly Edition
Return to the Kernel page
| ||||||||||||||||
|
| ||||||||||||||||
Integrity Service and SLIM
This is an updated request for comments on a proposed integrity service framework and dummy provider, along with SLIM, a low water-mark mandatory access control LSM module which utilizes the integrity services as additional input to the access control decisions. The latest fixes include: - SLIM: Locking overhaul - All: Update to 2.6.18-rc1 kernel Later we will be submitting EVM as a specific integrity service provider under this proposed framework. By separating the submissions, we hope that the integrity framework and its relationship to SLIM (and potentially to selinux) will be clearer and easier to review. Since this integrity provider is a dummy, it has no requirements for TPM hardware, or for LSM stacking, again making the review simpler. A corresponding userspace utility package is available at http://www.research.ibm.com/gsal/tcpa Patch 1/6 is a tiny patch to make mprotect available for revocation Patch 2/6 provides the integrity service API with dummy provider. Patch 3-6 provide SLIM, and a more detailed description of its changes, and points out its use of the integrity service. These patches have no prerequisites for stacker or TPM related patches. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/ |
|
|||||||||||||||