TOMOYO

Fork

[tomoyo-dev-en 64] Re: UUID: Simple process isolation module

Tetsuo Handa from-****@I-lov*****
Fri Dec 24 09:36:51 JST 2010

• Previous message: [tomoyo-dev-en 63] Re: UUID: Simple process isolation module
• Next message: [tomoyo-dev-en 65] Re: UUID: Simple process isolation module
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Thank you for testing.

Jamie Nguyen wrote:
> Dec 23 23:20:13 localhost kernel: EIP is at uuid_check_task+0xbe/0x120 [uuid]

Sorry. I forgot to handle uuid_task == NULL case.
I think it was fixed in revision 117.

Freezing whole system likely happens when NULL pointer dereference
occurred between rcu_read_lock(); and rcu_read_unlock();.

> I am also unsure about usage. Suppose I wish to isolate a program
> before running it (e.g. firefox). What is the method to do this?

You can make a wrapper script that does

 #! /bin/sh
 : < /proc/uuid1
 : < /proc/uuid2
 exec program_to_run

(or you can embed

 : < /proc/uuid1
 : < /proc/uuid2

into startup script if that program has one).
I designed this module for libvirtd and
I don't know whether this module fits firefox or not.

Regards.

• Previous message: [tomoyo-dev-en 63] Re: UUID: Simple process isolation module
• Next message: [tomoyo-dev-en 65] Re: UUID: Simple process isolation module
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]