From: Daniel Cashman <dcashman@android.com>
To: paul@paul-moore.com
Cc: selinux@tycho.nsa.gov, sds@tycho.nsa.gov, eparis@parisplace.org,
james.l.morris@oracle.com, serge@hallyn.com,
linux-security-module@vger.kernel.org, jeffv@google.com,
nnk@google.com, arve@google.com
Subject: Exposing secid to secctx mapping to user-space
Date: Fri, 11 Dec 2015 10:37:47 -0800 [thread overview]
Message-ID: <566B17FB.6010405@android.com> (raw)
Hello,
I would like to write a patch that would expose, via selinuxfs, the
mapping between secids in the kernel and security contexts to
user-space, but before doing so wanted to get some feedback as to
whether or not such an endeavor could have any support upstream. The
direct motivation for this is the desire to communicate calling security
ids/contexts over binder IPC on android for use in a user-space object
manager. Passing the security ids themselves would be simpler and more
efficient in the critical kernel path, but they currently have no
user-space meaning.
Thank You,
Dan
next reply other threads:[~2015-12-11 18:38 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-11 18:37 Daniel Cashman [this message]
2015-12-11 19:55 ` Exposing secid to secctx mapping to user-space Paul Moore
2015-12-11 20:41 ` Roberts, William C
2015-12-11 22:14 ` Stephen Smalley
2015-12-12 0:24 ` Casey Schaufler
2015-12-13 22:06 ` Paul Moore
2015-12-14 17:03 ` Mike Palmiotto
2015-12-14 17:31 ` Casey Schaufler
2015-12-14 17:42 ` Stephen Smalley
2015-12-14 17:50 ` Casey Schaufler
2015-12-14 21:29 ` Roberts, William C
2015-12-14 22:11 ` Stephen Smalley
2015-12-14 22:52 ` William Roberts
2015-12-14 22:57 ` Roberts, William C
2015-12-15 15:00 ` Stephen Smalley
2015-12-15 16:06 ` Casey Schaufler
2015-12-15 16:55 ` Stephen Smalley
2015-12-15 17:36 ` Casey Schaufler
2015-12-15 17:19 ` Joe Nall
2015-12-15 18:03 ` Stephen Smalley
2015-12-15 19:09 ` Joe Nall
2015-12-18 23:55 ` Paul Moore
2015-12-15 20:58 ` Daniel Cashman
2015-12-15 22:41 ` William Roberts
2015-12-18 23:54 ` Paul Moore
2015-12-11 20:36 ` Casey Schaufler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=566B17FB.6010405@android.com \
--to=dcashman@android.com \
--cc=arve@google.com \
--cc=eparis@parisplace.org \
--cc=james.l.morris@oracle.com \
--cc=jeffv@google.com \
--cc=linux-security-module@vger.kernel.org \
--cc=nnk@google.com \
--cc=paul@paul-moore.com \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
--cc=serge@hallyn.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.