Next: Control Requirements Up: Implementation Previous: Labeling   Contents

API Extensions

The existing Linux API was extended with an execve_secure system call that takes one additional parameter specifying the security context for the transformed process. The main routine for execve processing, do_execve in fs/exec.c, was renamed do_execve_secure, and an additional parameter was added for the SID of the specified context. A new do_execve that calls do_execve_secure with a null SID was added to handle the existing execve call. When a null SID is encountered during processing, the security server is consulted via the security_transition_sid interface for a default SID, which is then used for the new process.

The two new process management system calls were straightforwardly implemented in the sys_getsecsid and sys_getosecsid routines added to kernel/sched.c. Like other similar calls, these take no arguments and return the appropriate element of the task structure as pointed to by current. As the information is requested only in the context of the calling process, no security checking was required for these calls.
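The null-SID fallback in do_execve_secure and the two accessor calls described above, as an added user-space model (not the paper's kernel code): the task structure, the transition policy table and the security_transition_sid signature are all constructed assumptions, and permission checking of an explicitly requested context is not modelled.

```c
#include <stddef.h>
#include <stdio.h>

typedef unsigned int security_id_t;
#define SECSID_NULL 0   /* constructed: the SID the plain execve path passes */

/* Model of the task fields the getsecsid/getosecsid calls read from current */
struct task { security_id_t sid; security_id_t osid; };

/* Constructed transition policy: (caller SID, executable SID) -> new SID */
struct transition { security_id_t ssid, tsid, newsid; };
static const struct transition policy[] = {
    { 1, 10, 2 },   /* e.g. a user domain executing a login program */
    { 1, 11, 3 },
};

/* Model of the security server query; with no matching rule the process
 * stays in the caller's domain (assumption, not the paper's behaviour) */
static int security_transition_sid(security_id_t ssid, security_id_t tsid,
                                   security_id_t *out)
{
    for (size_t i = 0; i < sizeof policy / sizeof policy[0]; i++)
        if (policy[i].ssid == ssid && policy[i].tsid == tsid) {
            *out = policy[i].newsid;
            return 0;
        }
    *out = ssid;
    return 0;
}

/* Model of do_execve_secure: sid is the requested context or SECSID_NULL */
static int do_execve_secure(struct task *cur, security_id_t exec_sid,
                            security_id_t sid)
{
    security_id_t newsid = sid;
    if (sid == SECSID_NULL &&
        security_transition_sid(cur->sid, exec_sid, &newsid) < 0)
        return -1;
    cur->osid = cur->sid;   /* remember the pre-exec SID for getosecsid */
    cur->sid = newsid;
    return 0;
}

/* Model of the new do_execve: the unmodified execve always defers */
static int do_execve(struct task *cur, security_id_t exec_sid)
{
    return do_execve_secure(cur, exec_sid, SECSID_NULL);
}

/* No checks needed: both only read fields of the calling task */
static security_id_t sys_getsecsid(const struct task *cur) { return cur->sid; }
static security_id_t sys_getosecsid(const struct task *cur) { return cur->osid; }
```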

All three calls were added to the new security library, libsecure, and a new header file, proc_secure.h, was created. Additionally, new _secure versions of the other forms of exec, which allow a security context to be specified, were added to this library. Alternatively, these could have, and probably should have, been placed in the C library. They were added to this new library for ease of implementation and for portability reasons and will likely be moved to the C library in the future.
