On Mon, Feb 6, 2017 at 11:49 AM, Tetsuo Handa <penguin-ker...@i-love.sakura.ne.jp> wrote: > Djalal Harouni wrote: >> To achieve the above we add the security_task_copy() hook that allows us >> to clone the Timgad context of parent into child task_struct. >> >> The security hook can also be used by new LSMs after the child task has >> done some initialization, this way they won't clash with the major LSMs. >> The situation is not really well, this hook allows us to introduce a >> stackable LSM that can be easily used with all other LSMs. > > We are already planning to revive security_task_alloc() hook (probably in > Linux 4.12) > ( > news://news.gmane.org:119/201701101958.jad43709.otjsoqfvfol...@i-love.sakura.ne.jp > ). > Is security_task_alloc() called too early for your case? > > (Well, we want to configure http archive like marc.info ?)
I found this marc.info http://marc.info/?l=linux-security-module&m=129584883703846 Oups from 2011! your email pretty sum up all the approach that I took :-) , and yes it was not that obvious... so I did it that way where the data is kept in an external table. Also yes beside TOMOYO I also need that hook for the various reasons that are listed in that thread. Thanks! -- tixxdz
