[tomoyo-users-en 705] Re: Harbinger of a shift in Linux Security Modules

Tetsuo Handa pengu****@I-lov*****
Tue Mar 5 23:11:00 JST 2019


Hello.

Since Linux 5.0 was released, I refreshed the tarballs.
There is no change except supporting the latest kernels.

  ccs-patch-1.8.5-20190305.tar.gz           MD5:44445f53d2299643329699055e995656
  akari-1.0.38-20190305.tar.gz              MD5:9999f7af036162cb6b16b8a9527ce9d7
  caitsith-patch-0.2-20190305.tar.gz        MD5:dddd0b2ebc987fb9418ea67faa12eb46

Since TOMOYO 2.x will become TOMOYO 2.6 in Linux 5.1, I added
manuals and uploaded userspace tools for TOMOYO 2.6.

  tomoyo-tools-2.6.0-20190305.tar.gz        MD5:9999759f18b0ade9532120fef7b9b3a5

The most notable change is that you will be able to enable both TOMOYO 2.6 and
one of SELinux/Smack/AppArmor at the same time. To make this change possible,
how to specify "default LSM module to enable" at kernel build time and how to
specify "LSM module to actually enable" at kernel boot command line option will
change. In particular, the security= kernel boot command line option becomes
deprecated and the lsm= kernel boot command line option should be used instead.
For more information, please check https://tomoyo.osdn.jp/2.6/chapter-3.html .

Another bit of improvement in TOMOYO 2.6 is that you will be able to specify
multiple use_group entries to each domain (like TOMOYO 1.8 does). In other words,
you can define up to 256 acl_group entries for each namespace at exception policy
and include them for that namespace using use_group entries at domain policy.

TOMOYO 2.6 started undergoing fuzzing tests by syzbot, for we no longer need to
assign instances for testing TOMOYO 2.6 because TOMOYO 2.6 can run on instances
assigned for SELinux/Smack/AppArmor.

Please let me know if you find any problems.
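
The following is an added example, not part of the original message or of the TOMOYO project's code. It checks a kernel command line for the deprecated security= option and for the lsm= option that the message says should be used instead. The function names `classify_lsm_cmdline` and `lsm_list_has` are hypothetical, and the sample command lines are constructed.

```shell
#!/bin/sh
# Added example: classify how a kernel command line selects LSMs,
# following the security= -> lsm= change described in the message.

# classify_lsm_cmdline "<cmdline>" prints one of:
#   lsm:<list>       lsm= is used; <list> is its comma-separated value
#   both:<list>      lsm= is used and a deprecated security= is still present
#   legacy:<module>  only the deprecated security= is present
#   default          neither is present; the build-time default applies
classify_lsm_cmdline() (
    set -f                      # no globbing while splitting the command line
    lsm='' sec='' has_lsm=0 has_sec=0
    for tok in $1; do
        case $tok in
            lsm=*)      lsm=${tok#lsm=};      has_lsm=1 ;;
            security=*) sec=${tok#security=}; has_sec=1 ;;
        esac
    done
    if [ "$has_lsm" = 1 ] && [ "$has_sec" = 1 ]; then printf 'both:%s\n' "$lsm"
    elif [ "$has_lsm" = 1 ]; then printf 'lsm:%s\n' "$lsm"
    elif [ "$has_sec" = 1 ]; then printf 'legacy:%s\n' "$sec"
    else printf 'default\n'
    fi
)

# lsm_list_has "<comma-separated list>" "<module>": exit status 0 if present.
lsm_list_has() {
    case ",$1," in
        *",$2,"*) return 0 ;;
        *)        return 1 ;;
    esac
}

# Constructed sample command lines (not taken from any real system).
for sample in \
    'BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro security=tomoyo' \
    'BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro lsm=tomoyo,apparmor' \
    'BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro quiet'
do
    result=$(classify_lsm_cmdline "$sample")
    printf '%-20s <- %s\n' "$result" "$sample"
    case $result in
        lsm:*|both:*)
            if lsm_list_has "${result#*:}" tomoyo; then
                echo '  tomoyo is in the lsm= list'
            fi ;;
        legacy:*) echo '  security= is deprecated; switch to lsm=' ;;
    esac
done
```

To audit a running system, pass the contents of /proc/cmdline to `classify_lsm_cmdline` instead of the constructed samples.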



