[RFC PATCH v4 07/12] LSM: x86/sgx: Introduce ->enclave_map() hook for Intel SGX
Xing, Cedric
cedric.xing at intel.com
Fri Jun 21 16:54:57 UTC 2019
> From: Christopherson, Sean J
> Sent: Wednesday, June 19, 2019 3:24 PM
>
> diff --git a/security/security.c b/security/security.c
> index 613a5c00e602..03951e08bdfc 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -2359,3 +2359,10 @@ void security_bpf_prog_free(struct bpf_prog_aux *aux)
> call_void_hook(bpf_prog_free_security, aux);
> }
> #endif /* CONFIG_BPF_SYSCALL */
> +
> +#ifdef CONFIG_INTEL_SGX
> +int security_enclave_map(unsigned long prot)
> +{
> + return call_int_hook(enclave_map, 0, prot);
> +}
> +#endif /* CONFIG_INTEL_SGX */
Why is this new security_enclave_map() necessary while security_mmap_file() will also be invoked?
More information about the Linux-security-module-archive
mailing list