Re: [kernel-hardening] [PATCH 1/1] Sealable memory support

From: Igor Stoppa
Date: Mon May 22 2017 - 15:47:15 EST

Next message: SF Markus Elfring: "Re: [PATCH 2/5] sctp: Delete an error message for a failed memory allocation in sctp_init()"
Previous message: Ross Zwisler: "Re: [PATCH 2/2] dax: Fix race between colliding PMD & PTE entries"
In reply to: Tetsuo Handa: "Re: [PATCH] LSM: Make security_hook_heads a local variable."
Next in thread: Kees Cook: "Re: [PATCH 1/1] Sealable memory support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 20/05/17 11:51, Greg KH wrote:
> On Fri, May 19, 2017 at 01:38:11PM +0300, Igor Stoppa wrote:
>> Dynamically allocated variables can be made read only,

[...]

> This is really nice, do you have a follow-on patch showing how any of
> the kernel can be changed to use this new subsystem?

Yes, actually I started from the need of turning into R/O some data
structures in both LSM Hooks and SE Linux.

> Without that, it
> might be hard to get this approved (we don't like adding new apis
> without users.)

Yes, I just wanted to give an early preview of the current
implementation, since it is significantly different from what I
initially proposed. So I was looking for early feedback.

Right now, I'm fixing it up and adding some more structured debugging.

Then I'll re-submit it together with the LSM Hooks example.

---
thanks, igor

Next message: SF Markus Elfring: "Re: [PATCH 2/5] sctp: Delete an error message for a failed memory allocation in sctp_init()"
Previous message: Ross Zwisler: "Re: [PATCH 2/2] dax: Fix race between colliding PMD & PTE entries"
In reply to: Tetsuo Handa: "Re: [PATCH] LSM: Make security_hook_heads a local variable."
Next in thread: Kees Cook: "Re: [PATCH 1/1] Sealable memory support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]