[PATCH v4 12/14] Implement configuration and methods for default model.
Greg Wettstein
greg at enjellic.com
Mon Aug 26 10:37:26 UTC 2024
The implementation of a TSEM model consists of three separate
components:
- bypasses array
- event initialization method
- event coefficient mapping method.
Boolean true values in the bypasses array is used to indicate
that the event should be completely bypassed.
The event initialization initializes the event description
structure using the characteristics of the event.
The event coefficient mapping method is responsible for
generating the security event coefficient from the event
description structure.
The model0.c file provides the model components for the default
deterministic model implemented by the kernel.
---
security/tsem/model0.c | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
create mode 100644 security/tsem/model0.c
diff --git a/security/tsem/model0.c b/security/tsem/model0.c
new file mode 100644
index 000000000000..347ed8584842
--- /dev/null
+++ b/security/tsem/model0.c
@@ -0,0 +1,21 @@
+// SPDX-License-Identifier: GPL-2.0-only
+
+/*
+ * Copyright (C) 2024 Enjellic Systems Development, LLC
+ * Author: Dr. Greg Wettstein <greg at enjellic.com>
+ *
+ * This file contains methods and definitions for the 'model0'
+ * security model implementation. This is the default model that
+ * TSEM implements.
+ */
+
+#include "tsem.h"
+
+static bool event_bypasses[TSEM_EVENT_CNT];
+
+const struct tsem_context_ops tsem_model0_ops = {
+ .name = "model0",
+ .bypasses = event_bypasses,
+ .init = tsem_event_generate,
+ .map = tsem_map_event
+};
--
2.39.1
More information about the Linux-security-module-archive
mailing list