-
- Downloads
ipe: add LSM hooks on execution and kernel read
IPE's initial goal is to control both execution and the loading of kernel modules based on the system's definition of trust. It accomplishes this by plugging into the security hooks for bprm_check_security, file_mprotect, mmap_file, kernel_load_data, and kernel_read_data. Signed-off-by:Deven Bowers <deven.desai@linux.microsoft.com> Signed-off-by:
Fan Wu <wufan@linux.microsoft.com> Signed-off-by:
Paul Moore <paul@paul-moore.com>
Showing
- security/ipe/Makefile 1 addition, 0 deletionssecurity/ipe/Makefile
- security/ipe/eval.c 14 additions, 0 deletionssecurity/ipe/eval.c
- security/ipe/eval.h 5 additions, 0 deletionssecurity/ipe/eval.h
- security/ipe/hooks.c 184 additions, 0 deletionssecurity/ipe/hooks.c
- security/ipe/hooks.h 25 additions, 0 deletionssecurity/ipe/hooks.h
- security/ipe/ipe.c 6 additions, 0 deletionssecurity/ipe/ipe.c
Loading
Please register or sign in to comment