TOMOYO

Fork

[tomoyo-dev-en 20] Re: TOMOYO and YAMA

Tetsuo Handa from-****@I-lov*****
Wed Dec 1 22:01:54 JST 2010

• Previous message: [tomoyo-dev-en 19] TOMOYO and YAMA
• Next message: [tomoyo-dev-en 21] Re: TOMOYO and YAMA
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jamie Nguyen wrote:
> A few months ago a video was posted with details of running TOMOYO
> alongside YAMA. Unfortunately, I cannot get the video to play using
> either vlc or mplayer (and the vmware codec).

You can try these movies (contents are identical).
http://www.youtube.com/watch?v=wG8BTLMu5wo
http://tomoyo.sourceforge.jp/incoming/lc2010.avi

> I assume it is possible to run both alongside each other, and if so,
> how can this be done?

Yes, it is. By hijacking "struct security_operations *security_ops". ;-)

A patch that demonstrates how to hijack LSM hook was posted at
http://lkml.org/lkml/2010/2/26/239 .

Since register_security() became __init function in 2.6.35, not only loadable
kernel modules but also built-in code can no longer call register_security()
after boot. Therefore, AKARI hijacks "security_ops" by analyzing functions that
access "security_ops". Now, multiple LSM modules can work at the same time.

Regards.

• Previous message: [tomoyo-dev-en 19] TOMOYO and YAMA
• Next message: [tomoyo-dev-en 21] Re: TOMOYO and YAMA
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]