* [RFC][PATCH 0/6] Integrity Service and SLIM
@ 2006-07-14 17:24 Kylene Jo Hall
0 siblings, 0 replies; 2+ messages in thread
From: Kylene Jo Hall @ 2006-07-14 17:24 UTC (permalink / raw)
To: linux-kernel, LSM ML; +Cc: Dave Safford, Mimi Zohar, Serge Hallyn
This is an updated request for comments on a proposed integrity
service framework and dummy provider, along with SLIM, a low
water-mark mandatory access control LSM module which utilizes the
integrity services as additional input to the access control decisions.
The latest fixes include:
- SLIM: Locking overhaul
- All: Update to 2.6.18-rc1 kernel
Later we will be submitting EVM as a specific integrity service
provider under this proposed framework. By separating the submissions,
we hope that the integrity framework and its relationship to SLIM
(and potentially to selinux) will be clearer and easier to review.
Since this integrity provider is a dummy, it has no requirements for
TPM hardware, or for LSM stacking, again making the review simpler.
A corresponding userspace utility package is available at
http://www.research.ibm.com/gsal/tcpa
Patch 1/6 is a tiny patch to make mprotect available for revocation
Patch 2/6 provides the integrity service API with dummy provider.
Patch 3-6 provide SLIM, and a more detailed description of
its changes, and points out its use of the integrity service.
These patches have no prerequisites for stacker or TPM related patches.
^ permalink raw reply [flat|nested] 2+ messages in thread
* [RFC][PATCH 0/6] Integrity Service and SLIM
@ 2006-07-24 17:51 Kylene Jo Hall
0 siblings, 0 replies; 2+ messages in thread
From: Kylene Jo Hall @ 2006-07-24 17:51 UTC (permalink / raw)
To: linux-kernel, LSM ML; +Cc: Dave Safford, Mimi Zohar, Serge Hallyn
This is an updated request for comments on a proposed integrity
service framework and dummy provider, along with SLIM, a low
water-mark mandatory access control LSM module which utilizes the
integrity services as additional input to the access control decisions.
The latest fixes include:
- SLIM: Locking overhaul
- All: Update to 2.6.18-rc1 kernel
Later we will be submitting EVM as a specific integrity service
provider under this proposed framework. By separating the submissions,
we hope that the integrity framework and its relationship to SLIM
(and potentially to selinux) will be clearer and easier to review.
Since this integrity provider is a dummy, it has no requirements for
TPM hardware, or for LSM stacking, again making the review simpler.
A corresponding userspace utility package is available at
http://www.research.ibm.com/gsal/tcpa
Patch 1/6 is a tiny patch to make mprotect available for revocation
Patch 2/6 provides the integrity service API with dummy provider.
Patch 3-6 provide SLIM, and a more detailed description of
its changes, and points out its use of the integrity service.
These patches have no prerequisites for stacker or TPM related patches.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2006-07-24 17:51 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2006-07-14 17:24 [RFC][PATCH 0/6] Integrity Service and SLIM Kylene Jo Hall
2006-07-24 17:51 Kylene Jo Hall
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.