Re: [PATCH v4 2/3] security: Expose a mechanism to load lsm hooks dynamically at runtime

On Wed, Mar 7, 2018 at 9:59 AM, Casey Schaufler wrote: > On 3/6/2018 11:23 PM, Sargun Dhillon wrote: >> This patch adds dynamic security hooks. These hooks are designed to allow >> for safe runtime loading. >> >> These hooks are only run after all built-in, and major LSMs are run. >> The LSMs enab

Re: [PATCH v4 2/3] security: Expose a mechanism to load lsm hooks dynamically at runtime

On 3/6/2018 11:23 PM, Sargun Dhillon wrote: > This patch adds dynamic security hooks. These hooks are designed to allow > for safe runtime loading. > > These hooks are only run after all built-in, and major LSMs are run. > The LSMs enabled by this feature must be minor LSMs, but they can poke > at

[PATCH v4 2/3] security: Expose a mechanism to load lsm hooks dynamically at runtime

This patch adds dynamic security hooks. These hooks are designed to allow for safe runtime loading. These hooks are only run after all built-in, and major LSMs are run. The LSMs enabled by this feature must be minor LSMs, but they can poke at the security blobs, as the blobs should be initialized