[PATCH 2/5] cr: checkpoint the active LSM and add RESTART_KEEP_LSM flag

Serge E. Hallyn serue at us.ibm.com
Mon Aug 31 06:36:56 PDT 2009


Quoting Serge E. Hallyn (serue at us.ibm.com):
> Quoting Casey Schaufler (casey at schaufler-ca.com):
> > Serge E. Hallyn wrote:
> > > Quoting Casey Schaufler (casey at schaufler-ca.com):
> > > So do you think that adding a policy version check in the kernel
> > > at restart would help this?
> 
> For the moment I intend to add a patch on top of these adding two
> security calls:
> 
> 	security_may_checkpoint(ctx) which will authorize the
> 		ability to checkpoint at all, and

I meant:

	security_may_restore(ctx).

-serge


More information about the Containers mailing list