Thread (17 messages) 17 messages, 4 authors, 2019-08-23

Re: New skb extension for use by LSMs (skb "security blob")?

From: Casey Schaufler <casey@schaufler-ca.com>
Date: 2019-08-22 21:59:41
Also in: netdev, selinux 

On 8/22/2019 2:18 PM, David Miller wrote:
From: Casey Schaufler <casey@schaufler-ca.com>
Date: Thu, 22 Aug 2019 13:35:01 -0700
quoted
If the secmark where replaced by a security blob, the u32 secmark field
in an sk_buff would be replaced by a void * security field.
You can already use the secmark to hash to some kind of pointer or other
object.
Would you really want that used in the most common configuration?
Sure, you *can* do that, but it would be insane to do so.
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help