[PATCH 1/1] cr: lsm: restore LSM contexts for ipc objects
Serge E. Hallyn
serue at us.ibm.com
Fri Jun 19 18:32:16 PDT 2009
Here is the next version of the patch implementing checkpoint
and restore of LSM contexts. This is just handling IPC objects
as a proof of concept. But actually, looking ahead and both
files and tasks, I see that selinux stores several sids in the
security structs. For instance, for tasks there is the current
sid, exec sid, create sid, keycreate_sid, and sockcreate_sid.
So I guess I'll have to ask the LSM for how many secids it wants
to checkpoint, then checkpoint an array of contexts?
More information about the Containers
mailing list