New skb extension for use by LSMs (skb "security blob")?
Paul Moore
paul at paul-moore.com
Wed Aug 21 22:00:09 UTC 2019
Hello netdev,
I was just made aware of the skb extension work, and it looks very
appealing from a LSM perspective. As some of you probably remember,
we (the LSM folks) have wanted a proper security blob in the skb for
quite some time, but netdev has been resistant to this idea thus far.
If I were to propose a patchset to add a SKB_EXT_SECURITY skb
extension (a single extension ID to be shared among the different
LSMs), would that be something that netdev would consider merging, or
is there still a philosophical objection to things like this?
--
paul moore
www.paul-moore.com
More information about the Linux-security-module-archive
mailing list