Home » Mailing list archives » linux-kernel » 2007 » August » 28

Re: [TOMOYO 15/15] LSM expansion for TOMOYO Linux.

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
[view in full thread]
From: Tetsuo Handa
Subject: Re: [TOMOYO 15/15] LSM expansion for TOMOYO Linux.
Date: Tuesday, August 28, 2007 - 3:39 am

Hello.

Paul Moore wrote:

socket_sock_rcv_skb() is a hook for enqueue time.
I want a hook for dequeue time, because what TOMOYO Linux is doing is
not "whether a socket created by foo is permitted to pick up
an incoming packet from specific address/port"
but "whether bar is permitted to pick up
an incoming packet from specific address/port".
At the time of enqueue, I can't know who will pick up that packet.

Same reason for socket_post_accept(). What TOMOYO Linux is doing is
not "whether a socket created by foo is permitted to accept
a connection request from specific address/port"
but "whether bar is permitted to accept
a connection request from specific address/port".
At the time of enqueue, I can't know who will pick up that request.
-
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
Messages in current thread:
[TOMOYO 00/15] TOMOYO Linux - MAC based on process invocat ..., Kentaro Takeda, (Fri Aug 24, 5:41 am)
[TOMOYO 01/15] Allow use of namespace_sem from LSM module., Kentaro Takeda, (Fri Aug 24, 5:44 am)
[TOMOYO 02/15] Kconfig and Makefile for TOMOYO Linux., Kentaro Takeda, (Fri Aug 24, 5:45 am)
[TOMOYO 03/15] Data structures and prototypes definition., Kentaro Takeda, (Fri Aug 24, 5:46 am)
[TOMOYO 04/15] Memory and pathname management functions., Kentaro Takeda, (Fri Aug 24, 5:48 am)
[TOMOYO 05/15] Utility functions and /proc interface for p ..., Kentaro Takeda, (Fri Aug 24, 5:49 am)
Re: [TOMOYO 02/15] Kconfig and Makefile for TOMOYO Linux., Jiri Kosina, (Fri Aug 24, 5:50 am)
[TOMOYO 06/15] Domain transition handler functions., Kentaro Takeda, (Fri Aug 24, 5:50 am)
[TOMOYO 07/15] Auditing interface., Kentaro Takeda, (Fri Aug 24, 5:52 am)
[TOMOYO 08/15] File access control functions., Kentaro Takeda, (Fri Aug 24, 5:53 am)
[TOMOYO 09/15] Argv[0] access control functions., Kentaro Takeda, (Fri Aug 24, 5:53 am)
[TOMOYO 10/15] Networking access control functions., Kentaro Takeda, (Fri Aug 24, 5:54 am)
[TOMOYO 11/15] Namespace manipulation control functions., Kentaro Takeda, (Fri Aug 24, 5:55 am)
[TOMOYO 12/15] Signal transmission control functions., Kentaro Takeda, (Fri Aug 24, 5:56 am)
[TOMOYO 13/15] LSM adapter for TOMOYO., Kentaro Takeda, (Fri Aug 24, 5:56 am)
[TOMOYO 14/15] Conditional permission support., Kentaro Takeda, (Fri Aug 24, 5:57 am)
[TOMOYO 15/15] LSM expansion for TOMOYO Linux., Kentaro Takeda, (Fri Aug 24, 5:58 am)
Re: [TOMOYO 14/15] Conditional permission support., Pavel Machek, (Sat Aug 25, 4:08 am)
Re: [TOMOYO 14/15] Conditional permission support., Toshiharu Harada, (Sat Aug 25, 3:46 pm)
Re: [TOMOYO 14/15] Conditional permission support., Tetsuo Handa, (Sat Aug 25, 7:13 pm)
Re: [TOMOYO 14/15] Conditional permission support., Kyle Moffett, (Mon Aug 27, 5:11 am)
Re: [TOMOYO 15/15] LSM expansion for TOMOYO Linux., Paul Moore, (Mon Aug 27, 7:49 am)
Re: [TOMOYO 15/15] LSM expansion for TOMOYO Linux., Tetsuo Handa, (Tue Aug 28, 3:39 am)
Re: [TOMOYO 14/15] Conditional permission support., Tetsuo Handa, (Tue Aug 28, 6:00 am)
Re: [TOMOYO 15/15] LSM expansion for TOMOYO Linux., Paul Moore, (Tue Aug 28, 6:21 am)
Re: [TOMOYO 15/15] LSM expansion for TOMOYO Linux., Tetsuo Handa, (Mon Sep 3, 6:15 am)
Re: [TOMOYO 15/15] LSM expansion for TOMOYO Linux., Paul Moore, (Tue Sep 4, 4:53 am)
Re: [TOMOYO 15/15] LSM expansion for TOMOYO Linux., Tetsuo Handa, (Tue Sep 4, 7:02 am)
Re: [TOMOYO 15/15] LSM expansion for TOMOYO Linux., Kyle Moffett, (Tue Sep 4, 7:13 am)
Re: [TOMOYO 15/15] LSM expansion for TOMOYO Linux., Paul Moore, (Wed Sep 5, 7:06 am)
Re: [TOMOYO 15/15] LSM expansion for TOMOYO Linux., Tetsuo Handa, (Thu Sep 6, 6:04 am)
Re: [TOMOYO 15/15] LSM expansion for TOMOYO Linux., Paul Moore, (Thu Sep 6, 8:25 am)