-
- Downloads
lsm: add IPE lsm
Integrity Policy Enforcement (IPE) is an LSM that provides an complimentary approach to Mandatory Access Control than existing LSMs today. Existing LSMs have centered around the concept of access to a resource should be controlled by the current user's credentials. IPE's approach, is that access to a resource should be controlled by the system's trust of a current resource. The basis of this approach is defining a global policy to specify which resource can be trusted. Signed-off-by:Deven Bowers <deven.desai@linux.microsoft.com> Signed-off-by:
Fan Wu <wufan@linux.microsoft.com> [PM: subject line tweak] Signed-off-by:
Paul Moore <paul@paul-moore.com>
Showing
- include/uapi/linux/lsm.h 1 addition, 0 deletionsinclude/uapi/linux/lsm.h
- security/Kconfig 6 additions, 5 deletionssecurity/Kconfig
- security/Makefile 1 addition, 0 deletionssecurity/Makefile
- security/ipe/Kconfig 17 additions, 0 deletionssecurity/ipe/Kconfig
- security/ipe/Makefile 9 additions, 0 deletionssecurity/ipe/Makefile
- security/ipe/ipe.c 42 additions, 0 deletionssecurity/ipe/ipe.c
- security/ipe/ipe.h 16 additions, 0 deletionssecurity/ipe/ipe.h
- security/security.c 2 additions, 1 deletionsecurity/security.c
- tools/testing/selftests/lsm/lsm_list_modules_test.c 3 additions, 0 deletionstools/testing/selftests/lsm/lsm_list_modules_test.c
Loading
Please register or sign in to comment