Re: dev ion

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I didn't either, but that article used a four letter word "sharing" and I thought I was missing something, (Which is usually the case ;-) )

On Fri, Sep 14, 2012 at 11:32 AM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote:
On Fri, 2012-09-14 at 11:24 -0700, William Roberts wrote:
> Based on this article and "sharing
> buffers", http://lwn.net/Articles/480055/
>
>
> We may need to instrument LSM hooks for ION.
>
>
> Thoughts?

Possibly, but I don't see any DAC checks or capable calls in the current
ion driver code.  If the only way to share is by passing open fds, then
we already control that via the existing SELinux hooks.


--
Stephen Smalley
National Security Agency




--
Respectfully,

William C Roberts


[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux