TOMOYO

Fork

[tomoyo-dev-en 21] Re: TOMOYO and YAMA

Jamie Nguyen dysco****@gmail*****
Wed Dec 1 22:14:35 JST 2010

• Previous message: [tomoyo-dev-en 20] Re: TOMOYO and YAMA
• Next message: [tomoyo-dev-en 22] Re: TOMOYO and YAMA
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

Tetsuo Handa wrote:
> http://www.youtube.com/watch?v=wG8BTLMu5wo

Great thanks!



> Yes, it is. By hijacking "struct security_operations *security_ops". ;-)
>
> A patch that demonstrates how to hijack LSM hook was posted at
> http://lkml.org/lkml/2010/2/26/239 .
>
> Since register_security() became __init function in 2.6.35, not only loadable
> kernel modules but also built-in code can no longer call register_security()
> after boot. Therefore, AKARI hijacks "security_ops" by analyzing functions that
> access "security_ops". Now, multiple LSM modules can work at the same time.

So this patch is how it can be done with AKARI. With a kernel patched
with ccs-patch, should TOMOYO and YAMA work together in this case
without modification due to the fact that TOMOYO is not running as a
LKM?


Kind regards

• Previous message: [tomoyo-dev-en 20] Re: TOMOYO and YAMA
• Next message: [tomoyo-dev-en 22] Re: TOMOYO and YAMA
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]