Re: [RFC PATCH 9/9] security/selinux: Add enclave_load() implementation

2019-06-03 Thread Sean Christopherson
On Mon, Jun 03, 2019 at 11:01:32AM -0400, Stephen Smalley wrote:
> On 5/31/19 7:31 PM, Sean Christopherson wrote:
> >The goal of selinux_enclave_load() is to provide a facsimile of the
> >existing selinux_file_mprotect() and file_map_prot_check() policies,
> >but tailored to the unique properties

Re: [RFC PATCH 9/9] security/selinux: Add enclave_load() implementation

2019-06-03 Thread Stephen Smalley
On 5/31/19 7:31 PM, Sean Christopherson wrote:
> The goal of selinux_enclave_load() is to provide a facsimile of the existing selinux_file_mprotect() and file_map_prot_check() policies, but tailored to the unique properties of SGX. For example, an enclave page is technically backed by a

[RFC PATCH 9/9] security/selinux: Add enclave_load() implementation

2019-05-31 Thread Sean Christopherson
The goal of selinux_enclave_load() is to provide a facsimile of the existing selinux_file_mprotect() and file_map_prot_check() policies, but tailored to the unique properties of SGX. For example, an enclave page is technically backed by a MAP_SHARED file, but the "file" is essentially shared