[RFC PATCH v4 00/12] security: x86/sgx: SGX vs. LSM
Jarkko Sakkinen
jarkko.sakkinen at linux.intel.com
Wed Jul 10 22:00:51 UTC 2019
On Wed, Jul 10, 2019 at 11:19:30PM +0300, Jarkko Sakkinen wrote:
> Still, we need a documentation reference to reflect the narrative
> for these changes, seriously. It cannot be that SELinux is widely
> deployed and it completely lacks documentation for its basic
> objects, can it?
I found one good reference:
https://selinuxpTroject.org/page/ObjectClassesPerms
It describes EXECMOD as:
"Make executable a file mapping that has been modified by copy-on-write.
(Text relocation)"
This makes me wonder how EXECMOD even connects to this discussion?
Enclave is never a COW mapping. Seems like there is a huge diff on
how SELinux's official documentation describes it and how it is
described here...
/Jarkko
More information about the Linux-security-module-archive
mailing list