Lines Matching full:security

2 Linux Security Modules: General Security Hooks for Linux
16 In March 2001, the National Security Agency (NSA) gave a presentation
17 about Security-Enhanced Linux (SELinux) at the 2.5 Linux Kernel Summit.
20 implemented as its own particular kernel patch. Several other security
25 patch to support its security needs.
28 remarks that described a security framework he would be willing to
30 general framework that would provide a set of security hooks to control
31 operations on kernel objects and a set of opaque security fields in
32 kernel data structures for maintaining security attributes. This
34 desired model of security. Linus also suggested the possibility of
37 The Linux Security Modules (LSM) project was started by WireX to develop
38 such a framework. LSM is a joint development effort by several security
44 of the framework and the example capabilities security module provided
51 security modules. In particular, the LSM framework is primarily focused
53 likely to address other security needs such as auditing. By itself, the
54 framework does not provide any additional security; it merely provides
55 the infrastructure to support security modules. The LSM kernel patch
56 also moves most of the capabilities logic into an optional security
61 The LSM kernel patch adds security fields to kernel data structures and
63 manage the security fields and to perform access control. It also adds
64 functions for registering and unregistering security modules, and adds a
65 general :c:func:`security()` system call to support new system calls
66 for security-aware applications.
68 The LSM security fields are simply ``void*`` pointers. For process and
69 program execution security information, security fields were added to
72 security information, a security field was added to :c:type:`struct
73 super_block <super_block>`. For pipe, file, and socket security
74 information, security fields were added to :c:type:`struct inode
76 network device security information, security fields were added to
78 net_device <net_device>`. For System V IPC security information,
79 security fields were added to :c:type:`struct kern_ipc_perm
84 ``include/linux/shm.h`` as appropriate) to allow the security modules to
90 ``include/linux/security.h``. Detailed documentation for each hook is
101 Linus mentioned per-process security hooks in his original remarks as a
102 possible alternative to global security hooks. However, if LSM were to
109 network input operations). Consequently, LSM provides global security
110 hooks, but a security module is free to implement per-process hooks
112 process' security field and then invoking these per-process hooks from
117 provided by a dummy security module that provides traditional superuser
119 ``security/security.c``) is provided to allow a security module to set
123 the primary security module, which is responsible for making the final
126 LSM also provides a simple mechanism for stacking additional security
127 modules with the primary security module. It defines
133 after performing some sanity checking. A security module can call these
142 categories: hooks that are used to manage the security fields and hooks
146 structure that has a security field. These hooks are used to allocate
147 and free security structures for kernel objects. The first category of
148 hooks also includes hooks that set information in the security field
151 This hook is used to set security information for inodes after
161 logic into an optional security module stored in the file
162 ``security/capability.c``. This change allows users who do not want to
171 the new security fields managed by the security modules. However, at
174 might be preferable so that other security modules can be easily stacked
175 with the capabilities module without needing to chain multiple security
176 structures on the security field. It also avoids imposing extra overhead
177 on the capabilities module to manage the security fields. However, the
188 the current version of the LSM patch does allow a security module to
191 moved into the security field. The following is a list of known
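The fragments above describe the mechanism in pieces: opaque ``void*`` security fields on kernel objects, a global table of hooks split into field-management and access-control categories, one primary module that owns the fields, and secondary modules stacked behind it after sanity checking. The following is a user-space model of that design, added here as an example; it is not the kernel's code, not the LSM patch, and needs no kernel headers. Every name in it (``struct lsm_ops``, ``struct object``, ``struct task``, the ``register_security`` / ``mod_reg_security`` functions, the ``levels`` and ``ro_etc`` modules and their policies) is this example's own assumption, chosen to mirror the shape of the design rather than reproduce it. The two policies and the sample objects and tasks are constructed for the demonstration.

```c
/* User-space model of the LSM hook/field/stacking design. Hypothetical example
 * code: none of these names is the kernel's API, and it needs no kernel headers. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
enum { MAY_READ = 1, MAY_WRITE = 2 };

/* Stand-ins for struct inode / struct task_struct with the opaque void* field. */
struct object { const char *name; void *security; };
struct task   { const char *comm; void *security; };
/* Global hook table: alloc/free manage the security field (first hook
 * category), permission makes the access decision (second category). */
struct lsm_ops {
    const char *name;
    int  (*object_alloc_security)(struct object *obj);
    void (*object_free_security)(struct object *obj);
    int  (*object_permission)(const struct task *t, const struct object *obj, int mask);
    struct lsm_ops *next;   /* secondary modules stacked behind the primary */
};
static struct lsm_ops *primary;   /* NULL: dummy behaviour, every hook permits */

/* Only one primary; a later caller is refused with -EAGAIN. */
static int register_security(struct lsm_ops *ops)
{
    if (primary) return -EAGAIN;
    primary = ops; ops->next = NULL;
    return 0;
}
/* Stack a module behind the primary, after checking that a primary exists. */
static int mod_reg_security(struct lsm_ops *ops)
{
    struct lsm_ops **pp = primary ? &primary->next : NULL;
    if (!pp) return -EINVAL;
    while (*pp) pp = &(*pp)->next;
    *pp = ops; ops->next = NULL;
    return 0;
}

/* Hook wrappers, i.e. what the kernel calls at each control point: only the
 * primary owns the field; every module is asked on access, first denial wins. */
static int security_object_alloc(struct object *obj)
{
    obj->security = NULL;
    return primary && primary->object_alloc_security ? primary->object_alloc_security(obj) : 0;
}
static void security_object_free(struct object *obj)
{
    if (primary && primary->object_free_security) primary->object_free_security(obj);
    obj->security = NULL;
}
static int security_object_permission(const struct task *t, const struct object *obj, int mask)
{
    const struct lsm_ops *m;
    for (m = primary; m; m = m->next) {
        int rc = m->object_permission ? m->object_permission(t, obj, mask) : 0;
        if (rc) return rc;
    }
    return 0;
}

/* Primary module "levels" (constructed policy): a sensitivity level, 0 unless
 * set, lives in the opaque field; a task reads at or below its clearance and
 * writes only at it, so data never flows down. A missing field is level 0. */
struct level { int lvl; };
static int lvl_of(const void *sec) { return sec ? ((const struct level *)sec)->lvl : 0; }
static int levels_alloc(struct object *obj) { return (obj->security = calloc(1, sizeof(struct level))) ? 0 : -ENOMEM; }
static void levels_free(struct object *obj) { free(obj->security); }
static int levels_permission(const struct task *t, const struct object *obj, int mask)
{
    int tl = lvl_of(t->security), ol = lvl_of(obj->security);
    if ((mask & MAY_READ) && tl < ol)   return -EACCES;   /* no read up */
    if ((mask & MAY_WRITE) && tl != ol) return -EACCES;   /* no write down */
    return 0;
}
static struct lsm_ops levels_ops = { "levels", levels_alloc, levels_free, levels_permission, NULL };

/* Stacked module "ro_etc" (constructed policy): refuses writes under /etc/ even
 * when the primary allowed them; stateless, so it needs no field hooks. */
static int ro_etc_permission(const struct task *t, const struct object *obj, int mask)
{
    (void)t;
    return (mask & MAY_WRITE) && strncmp(obj->name, "/etc/", 5) == 0 ? -EPERM : 0;
}
static struct lsm_ops ro_etc_ops = { "ro_etc", NULL, NULL, ro_etc_permission, NULL };
int main(void)
{
    struct level two = { 2 };
    struct task analyst = { "analyst", &two }, guest = { "guest", NULL };
    struct object secret = { "/data/secret", NULL }, passwd = { "/etc/passwd", NULL };
    register_security(&levels_ops);
    mod_reg_security(&ro_etc_ops);
    security_object_alloc(&secret); ((struct level *)secret.security)->lvl = 2;
    security_object_alloc(&passwd);
    printf("guest reads secret %d, analyst writes passwd %d, guest writes passwd %d\n",
           security_object_permission(&guest, &secret, MAY_READ),
           security_object_permission(&analyst, &passwd, MAY_WRITE),
           security_object_permission(&guest, &passwd, MAY_WRITE));
    security_object_free(&secret); security_object_free(&passwd);
    return 0;
}
```

Two points of the design show up directly in the model. The wrappers never look inside ``security``: only the module that registered as primary allocates, interprets and frees it, which is why a stacked module that wants its own state would have to chain a second structure off the same field, the cost the capabilities fragments above weigh. And stacking is conjunctive: the primary runs first and a secondary can only add denials, never override one. The model takes the stacking decision in the framework itself (a primary must exist); in the design described above that sanity checking precedes a call into hooks the primary module defines, which this example omits for brevity.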