* [RFC] A different implementation of LSM?
@ 2005-01-03 23:25 Luca Falavigna
2005-01-03 23:43 ` Chris Wright
0 siblings, 1 reply; 2+ messages in thread
From: Luca Falavigna @ 2005-01-03 23:25 UTC (permalink / raw)
To: linux-kernel
One of the biggest limitations of LSM is we can't implement more than
one handler for each security hook at the same time.
Is it advisable to revise the actual implementation, introducing a
doubly linked list based mechanism (such as Netfilter implementation),
or is this the best solution in order to limit overhead?
Regards,
Luca
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [RFC] A different implementation of LSM?
2005-01-03 23:25 [RFC] A different implementation of LSM? Luca Falavigna
@ 2005-01-03 23:43 ` Chris Wright
0 siblings, 0 replies; 2+ messages in thread
From: Chris Wright @ 2005-01-03 23:43 UTC (permalink / raw)
To: Luca Falavigna; +Cc: linux-kernel
* Luca Falavigna (dktrkranz@gmail.com) wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> One of the biggest limitations of LSM is we can't implement more than
> one handler for each security hook at the same time.
> Is it advisable to revise the actual implementation, introducing a
> doubly linked list based mechanism (such as Netfilter implementation),
> or is this the best solution in order to limit overhead?
This is an intentional limitation. Arbitrary security models do not
compose well. And the LSM framework allows modules to store state or label
information in kernel objects. So, the callout isn't the only spot that
would need chaining. Take a look at the lsm archive, this is being
worked on presently.
thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
^ permalink raw reply [flat|nested] 2+ messages in thread
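The reply's point that the callout is not the only spot that would need chaining, as an added example that is not part of either message and is not kernel code. It is a userspace model in which every identifier is hypothetical: two modules sit on a Netfilter-style doubly linked hook list and both keep their label in the object's single security pointer, so the second module's label replaces the first and the first module, failing closed, denies.

```c
/* Userspace model of chained LSM-style hooks; not kernel code.
 * Every identifier here is hypothetical. */
#include <stddef.h>

#define DENY (-13)                        /* stands in for -EACCES */

struct label  { char owner; int level; }; /* one module's per-object state */
struct object { void *security; };        /* single label pointer per object */

struct hook {                             /* doubly linked list node */
    struct hook *prev, *next;
    void (*alloc)(struct object *);       /* attach this module's label */
    int  (*permission)(const struct object *);
};
static struct hook head = { &head, &head, NULL, NULL };

static void hook_register(struct hook *h)
{
    h->prev = head.prev; h->next = &head;
    head.prev->next = h; head.prev = h;
}

static struct label a_label = { 'A', 0 }, b_label = { 'B', 0 };
static void a_alloc(struct object *o) { o->security = &a_label; }
static void b_alloc(struct object *o) { o->security = &b_label; }

/* A module trusts o->security to be its own label and fails closed if not. */
static int own_label_check(const struct object *o, char me)
{
    const struct label *l = o->security;
    return (l && l->owner == me && l->level == 0) ? 0 : DENY;
}
static int a_perm(const struct object *o) { return own_label_check(o, 'A'); }
static int b_perm(const struct object *o) { return own_label_check(o, 'B'); }

static struct hook mod_a = { NULL, NULL, a_alloc, a_perm };
static struct hook mod_b = { NULL, NULL, b_alloc, b_perm };

/* Call every alloc hook, then every permission hook; first denial wins. */
int run_scenario(int load_b)
{
    struct object obj = { NULL };
    struct hook *h;
    int rc = 0;
    head.next = head.prev = &head;        /* empty the chain */
    hook_register(&mod_a);
    if (load_b) hook_register(&mod_b);
    for (h = head.next; h != &head; h = h->next) h->alloc(&obj);
    for (h = head.next; h != &head && rc == 0; h = h->next) rc = h->permission(&obj);
    return rc;
}
```

`run_scenario(0)` loads module A alone and the access is allowed; `run_scenario(1)` chains A and B and the same access is denied, although neither module's policy objects to it.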