Re: [PATCH 1/3] Thread/Child-Domain Assignment (rev.6)

Stephen Smalley wrote:
> On Mon, 2008-08-25 at 21:32 +0900, KaiGai Kohei wrote:
>> The following patch is a revised one for the kernel.
>>
>> Updates:
>>  - This patch is rebased on James's security-testing-2.6 tree.
>>  - security_bounded_transition() is deployed just after read_unlock()
>>    within do_each_thread() { ... } while_each_thread() loop again.
>>  - The properties of type_datum are packed within the third word of
>>    type entries in the kernel policy.
>>  - Bounds checks on constraints are integrated within avc creation.
>>    Lazy bounds checks are invoked at the tail of context_struct_compute_av(),
>>    and they drop all boundary-violating permissions. They compare the permissions
>>    of a bounded type, based on both TE and constraints, with those of its bounds
>>    type at the same time, so the bounded type can never have any wider permission
>>    than its parent.
>>    e.g.)
>>      When a type child_t is bounded by parent_t and has the mcssetcats attribute,
>>      we cannot assign undominated categories because parent_t is not allowed to
>>      assign them and it bounds the permissions of child_t.
>>  - Sanity checks for constraints are removed for the above reason.
> 
> This looks good to me in terms of the functionality.
> Have you run any benchmarks to assess the performance impact on AVC
> misses?

Not yet.
I'll measure it tomorrow, please wait for a while.

Thanks,
-- 
KaiGai Kohei <kaigai@xxxxxxxxxxxx>
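The bounds semantics described in the quoted update (lazy bounds check at the tail of the AV computation, and the bounded-transition test in the thread loop), as an added model that is not code from the patch or the kernel; the toy policy is constructed, parent_t and child_t come from the message, and grandchild_t, file_t and the permission bits are assumed:

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Toy "file" class permission bits and a constructed toy policy (assumed). */
enum { FILE__READ = 0x1, FILE__WRITE = 0x2, FILE__EXECUTE = 0x4, FILE__APPEND = 0x8 };
typedef uint32_t access_vector_t;
enum { PARENT_T, CHILD_T, GRANDCHILD_T, FILE_T };
/* bounds[t]: the type that bounds t, or -1 when t is unbounded. */
static const int bounds[] = { [PARENT_T] = -1, [CHILD_T] = PARENT_T,
                              [GRANDCHILD_T] = CHILD_T, [FILE_T] = -1 };
/* TE allow rules; child_t and grandchild_t ask for more than their parents have. */
struct avrule { int source, target; access_vector_t allowed; };
static const struct avrule rules[] = {
    { PARENT_T, FILE_T, FILE__READ | FILE__WRITE },
    { CHILD_T, FILE_T, FILE__READ | FILE__WRITE | FILE__EXECUTE },
    { GRANDCHILD_T, FILE_T, FILE__READ | FILE__EXECUTE | FILE__APPEND },
};

/* Raw TE lookup: union of matching allow rules, no bounds applied. */
static access_vector_t te_allowed(int source, int target)
{
    access_vector_t av = 0;
    for (size_t i = 0; i < sizeof(rules) / sizeof(rules[0]); i++)
        if (rules[i].source == source && rules[i].target == target)
            av |= rules[i].allowed;
    return av;
}

/* Lazy bounds check at the tail of the AV computation: permissions the bounding
 * type is not itself granted are dropped.  The parent's AV is computed the same
 * way, so a chain of bounds nests; *dropped reports what was removed. */
access_vector_t compute_av(int source, int target, access_vector_t *dropped)
{
    access_vector_t av = te_allowed(source, target), violated = 0;
    if (bounds[source] >= 0) {
        violated = av & ~compute_av(bounds[source], target, NULL);
        av &= ~violated;
    }
    if (dropped)
        *dropped = violated;
    return av;
}

/* A transition old -> new is bounded only if old appears in new's bounds chain. */
bool bounded_transition(int old_type, int new_type)
{
    for (int t = bounds[new_type]; t >= 0; t = bounds[t])
        if (t == old_type)
            return true;
    return false;
}
```

With this policy, grandchild_t ends up with read only: execute is dropped because child_t's own vector was already cut down to parent_t's read/write, so the narrowing propagates down the chain.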
