TrustedBSD progress
Robert Watson
rwatson at FreeBSD.org
Sat Jan 12 14:11:47 GMT 2002
On Fri, 11 Jan 2002, Andrew R. Reiter wrote:
> : TODO
> :
> : o Much. Andrew?
>
> My goals are as follows:
>
> - Create p4 trustedbsd-audit branch.
I actually created a trustedbsd_audit branch on November, I just haven't
integrated it, so it's empty. It's set up as:
View:
//depot/projects/trustedbsd/base/... //depot/projects/trustedbsd/audit/...
So can potentially contain the entire source tree if we need it. For the
time being, we'll probably want to tweak the view so it just covers sys,
userland audit libraries (probably libc and maybe libaudit), daemon, and
any userland utilities and configuration files directly touched by audit
changes.
> - Implement the code that I've done to -current, essentially a redo of the
> one I did with keeping in mind Robert's work...
> - Trying to work on optimization strategies.
> - best kse strategy..
Do we know if there's a unique thread/kse/whatever-ID planned? There may
be some ordering and coherency issues here, but I suspect it should be
possible to surmount that fairly easily, although you won't get a good
view into userland threads due to the m:n issue. I wonder how this is
handled on other thread-aware systems.
> - Work out a method for secure tuning of the audit system.
> ... among other things more basic.
>
> Hopefully at that point, we can import Robert's posix1e userland code...
What sort of structure are you currently using to hold the records in
kernel, and for transport to userland? My current userland code supports
two formats: a multi-dimmensional format appropriate for easy manipulation
of records, and a marshalled format used for retrieving records from the
kernel, and for storage on disk, transmission via IPC, etc. Neither of
these is likely to be all that efficient, but was sufficient for
experimentation. To plug in this code as it stands, you'd either need to
use the same marshalled format, or replacing the parsing/spewing code.
Robert N M Watson FreeBSD Core Team, TrustedBSD Project
robert at fledge.watson.org NAI Labs, Safeport Network Services
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list