aboutsummaryrefslogtreecommitdiffstats
path: root/Documentation
diff options
context:
space:
mode:
authorMichael LeMay <mdlemay@epoch.ncsc.mil>2006-06-22 17:47:17 -0400
committerLinus Torvalds <torvalds@g5.osdl.org>2006-06-22 18:05:55 -0400
commitd720024e94de4e8b7f10ee83c532926f3ad5d708 (patch)
tree8f21613c29a26bfbeb334cb0104b8b998b09fbdc /Documentation
parentf893afbe1262e27e91234506f72e17716190dd2f (diff)
[PATCH] selinux: add hooks for key subsystem
Introduce SELinux hooks to support the access key retention subsystem within the kernel. Incorporate new flask headers from a modified version of the SELinux reference policy, with support for the new security class representing retained keys. Extend the "key_alloc" security hook with a task parameter representing the intended ownership context for the key being allocated. Attach security information to root's default keyrings within the SELinux initialization routine. Has passed David's testsuite. Signed-off-by: Michael LeMay <mdlemay@epoch.ncsc.mil> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org> Acked-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'Documentation')
-rw-r--r--Documentation/keys.txt29
1 files changed, 29 insertions, 0 deletions
diff --git a/Documentation/keys.txt b/Documentation/keys.txt
index aaa01b0e3ee9..703020012708 100644
--- a/Documentation/keys.txt
+++ b/Documentation/keys.txt
@@ -19,6 +19,7 @@ This document has the following sections:
19 - Key overview 19 - Key overview
20 - Key service overview 20 - Key service overview
21 - Key access permissions 21 - Key access permissions
22 - SELinux support
22 - New procfs files 23 - New procfs files
23 - Userspace system call interface 24 - Userspace system call interface
24 - Kernel services 25 - Kernel services
@@ -232,6 +233,34 @@ For changing the ownership, group ID or permissions mask, being the owner of
232the key or having the sysadmin capability is sufficient. 233the key or having the sysadmin capability is sufficient.
233 234
234 235
236===============
237SELINUX SUPPORT
238===============
239
240The security class "key" has been added to SELinux so that mandatory access
241controls can be applied to keys created within various contexts. This support
242is preliminary, and is likely to change quite significantly in the near future.
243Currently, all of the basic permissions explained above are provided in SELinux
244as well; SE Linux is simply invoked after all basic permission checks have been
245performed.
246
247Each key is labeled with the same context as the task to which it belongs.
248Typically, this is the same task that was running when the key was created.
249The default keyrings are handled differently, but in a way that is very
250intuitive:
251
252 (*) The user and user session keyrings that are created when the user logs in
253 are currently labeled with the context of the login manager.
254
255 (*) The keyrings associated with new threads are each labeled with the context
256 of their associated thread, and both session and process keyrings are
257 handled similarly.
258
259Note, however, that the default keyrings associated with the root user are
260labeled with the default kernel context, since they are created early in the
261boot process, before root has a chance to log in.
262
263
235================ 264================
236NEW PROCFS FILES 265NEW PROCFS FILES
237================ 266================