Re: [PATCH v6 1/8] security: define new LSM hook named security_kernel_load_data

From: Kees Cook
Date: Sat Jul 14 2018 - 22:13:47 EST

Next message: Kees Cook: "Re: [PATCH v6 2/8] kexec: add call to LSM hook in original kexec_load syscall"
Previous message: Yafang Shao: "Re: [PATCH] mm: avoid bothering interrupted task when charge memcg in softirq"
In reply to: Mimi Zohar: "[PATCH v6 1/8] security: define new LSM hook named security_kernel_load_data"
Next in thread: Mimi Zohar: "[PATCH v6 3/8] ima: based on policy require signed kexec kernel images"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jul 13, 2018 at 11:05 AM, Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote:
> Differentiate between the kernel reading a file specified by userspace
> from the kernel loading a buffer containing data provided by userspace.
> This patch defines a new LSM hook named security_kernel_load_data().
>
> Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
> Cc: Eric Biederman <ebiederm@xxxxxxxxxxxx>
> Cc: Luis R. Rodriguez <mcgrof@xxxxxxxxxx>
> Cc: Kees Cook <keescook@xxxxxxxxxxxx>
> Cc: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
> Acked-by: Serge Hallyn <serge@xxxxxxxxxx>

Acked-by: Kees Cook <keescook@xxxxxxxxxxxx>

-Kees

--
Kees Cook
Pixel Security

Next message: Kees Cook: "Re: [PATCH v6 2/8] kexec: add call to LSM hook in original kexec_load syscall"
Previous message: Yafang Shao: "Re: [PATCH] mm: avoid bothering interrupted task when charge memcg in softirq"
In reply to: Mimi Zohar: "[PATCH v6 1/8] security: define new LSM hook named security_kernel_load_data"
Next in thread: Mimi Zohar: "[PATCH v6 3/8] ima: based on policy require signed kexec kernel images"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]