[PATCH v6 1/8] security: Add LSM hook at the point where a task gets a fatal signal

Kees Cook keescook at chromium.org
Thu Mar 18 01:22:31 UTC 2021


On Sun, Mar 07, 2021 at 12:30:24PM +0100, John Wood wrote:
> Add a security hook that allows a LSM to be notified when a task gets a
> fatal signal. This patch is a previous step on the way to compute the
> task crash period by the "brute" LSM (linux security module to detect
> and mitigate fork brute force attack against vulnerable userspace
> processes).
> 
> Signed-off-by: John Wood <john.wood at gmx.com>

I continue to really like that this entire thing can be done from an LSM
with just this one extra hook. :)

Reviewed-by: Kees Cook <keescook at chromium.org>

-- 
Kees Cook



More information about the Linux-security-module-archive mailing list