Lines Matching refs:LSM
37 The Linux Security Modules (LSM) project was started by WireX to develop
38 such a framework. LSM is a joint development effort by several security
45 by the LSM kernel patch.
47 LSM Framework
50 The LSM kernel patch provides a general kernel framework to support
51 security modules. In particular, the LSM framework is primarily focused
55 the infrastructure to support security modules. The LSM kernel patch
59 `LSM Capabilities Module <#cap>`__.
61 The LSM kernel patch adds security fields to kernel data structures and
68 The LSM security fields are simply ``void*`` pointers. For process and
87 Each LSM hook is a function pointer in a global table, security_ops.
102 possible alternative to global security hooks. However, if LSM were to
107 composing hooks in the base framework. Additionally, LSM would still
109 network input operations). Consequently, LSM provides global security
126 LSM also provides a simple mechanism for stacking additional security
138 manner, LSM again defers the problem of composition to the module.
140 Although the LSM hooks are organized into substructures based on kernel
157 LSM Capabilities Module
160 The LSM kernel patch moves most of the existing POSIX.1e capabilities
169 In addition to moving the capabilities logic, the LSM kernel patch could
172 present, the LSM kernel patch leaves the capability fields in the kernel
178 LSM framework could certainly support such a move if it is determined to
188 the current version of the LSM patch does allow a security module to