The English part of this page is a output of Google's translation service. So don't blame on me. :) Read with your imagination. May the Force(理力)be with you. If the reader's native language is not Japanese, please visit our English wiki. http://tomoyo.sourceforge.jp/wiki-e/.

About

TOMOYO Linux project, Ottawa Linux Symposium which from 2007 June 27th is held in Ottawa (alias OLS) with, had BoF session. In this page, it states concerning the announcement contents and echo etc of BoF. In order just it is possible, for atmosphere of event and BoF to be transmitted, thinking, when you had written, so it became long, (laughing).

ls_468x60_banner.gif

History or Why TOMOYO Linux had a BoF

If you are interested in the reason why TOMOYO Linux had a BoF at OLS followthis link.

Preparation

the article

In LSM edition, as for forced access control function with only the file is not included as for network and other function, (as for the difference of 1.X edition and 2.X edition this). As for that, other than the reason that, job time was not in time, making the quantity of the cord/code which is contributed small, there is also the meaning of making easy to receive comment. In addition, in the specification of LSM of present condition as for the function of TOMOYO 1.4 there was also a thing which it cannot transplant.

In this way, as 1.4 extended editions which release are done on 2007 April 1st it could contribute 2.0 releases which correspond to 1.4.1 and LSM and audit somehow in advance. In parallel with that, it tried to join to also the argument with LKML. Because as for this, not speaking completely to that, doing proposition suddenly, that you thought whether it is not not to make the partner is. Entry doing with the thread of AppArmor?, are some which are introduced with Slashdot.jp concerning the part of that. First explanation certain Kyle of the below-mentioned link SELinux (when understanding) the method of thinking the development/offer origin, very becomes reference.

Concerning the contribution to LKML, what it makes RFC, participating in the OLS advance meeting of CELF, is the advice which it receives the occasion where it receives.

Posting to the LKML

AppArmor?

Message from NOKIA engineer

To the opening of OLS as many as 1 months or more on June 15th before, the mail reached in the subject which is called to the account of my Gmail " ON TOMOYO Linux BoF in OLS ". They are such contents.

Greetings, 

I googled your address. 

I'm working in Nokia on secure OS technologies, and I will be
at the Ottawa Linux Symposium  and my special interest would be
your Tomoyo project and its potential applicability to our 
environment. 

I was hoping that we could meet there in Ottawa and I could
present our points of view and  challenges. 

The mail was exchanged with the engineer and its colleague of Nokia which sends the mail, in advance, the promise which meets before BoF at the locale was done.

Bad News

It is to arrive at the meeting place, SONY Ueda, Tim distantly to meet, but there was regrettable communication. It means with CELF, in the same time as BoF of TOMOYO private doing BoF exactly at the Westin hotel, not being able to participate in BoF of TOMOYO.

Announcemnt of the private BoF with ml of CELF

Subject: [Celinux-dev] CELF Embedded Developer BOF at OLS
Date: Mon, 30 Jul 2007 05:18:01 -0700
From: Tim Bird
To: CE Linux Developers List

CELF will be hosting an Embedded Developer Bird's of a Feather session
at the Ottawa Linux Symposium today.  This BOF will showcase some of
the work that CELF has funded or is interested in.

There will be interesting mini-talks, demos, and open discussion.

The BOF is open to the public.  You do not need to be a registered 
attendee of OLS to attend. Feel free to come and discuss your own 
embedded project.

There will be prizes, including a complete embedded development system
donated by Buffalo!!

Here is the agenda:

 * Pagemap patches - Matt Mackall
Discussion and demo of pagemap patches and tools for showing accurate 
memory measurements for Linux systems.  This is a really cool new set of
features in the Linux kernel to allow developers to get a much better 
understanding of how memory is used on their systems.  This talk was one
of the highlights of the Embedded Linux Conference, held last April.

 * Size and bootup time reduction techniques - Michael Opdenacker
Michael has collected information from the CELF web site, and presents
various methods of reducing system size and bootup time.

 * Realtime testing for embedded platforms - Tim Bird
Tim has collected information from several RT-preempt test efforts by 
CELF members in the last year.  He will describe RT testing techniques
and issues, as well as some results.

 * Fedora on ARM project - Manas Saksena
Manas will describe the Fedora on ARM project, which is just getting
started.  This could be a very interesting new distribution for
embedded systems.

 * Low-cost Arm-based development system - Tatsuo Inagaki
Tatsuo, representing Buffalo corporation, will describe and demo a
low-cost ARM development system, based on their NAS product running
embedded Linux.
 * Lightning talks, demos, and open discussion!

Place: Westin Hotel Ottawa, adjacent to the Congress Centre
Room: Confederation Ballroom III, on the Fourth Floor
Date: Friday, June 29
Time: 7:00 pm to 9:00 pm  (19h00 – 21h00)

Address: 11 Colonel By Drive
Walking Directions:  From the Congress Centre, take the skywalk on
the 3rd floor (right next to the OLS registration area) to the
hotel, and proceed to the 4th floor.

If you are in the Ottawa area (whether you are attending OLS or not), 
please come and join us!

If you are a CELF member, please help us announce and promote this
at OLS.  Satoru Ueda and Tim Bird (me) have flyers to hand out.
Please help us distribute these, and talk to the embedded developers we
know at OLS, to let them know about this event.

Thanks!  I'm looking forward to seeing you at the BOF!
 -- Tim

=============================
Tim Bird
Architecture Group Chair, CE Linux Forum
Senior Staff Engineer, Sony Electronics
=============================

Therefore, with OLS2007 as for CELF-related one you think that you could not participate either one person in BoF of TOMOYO. In addition, it could not participate either the member of TOMOYO to the private BoF of CELF. It sent the explanatory data of TOMOYO BoF, to ml of celinux, but very much it was regrettable thing.

Meeting with NOKIA engineers

AppArmor?

After that, the mail it had doing the data from the Nokia engineer, but in that important matter of the security which you think as Nokia was included, had decided to report as the assignment concerning correspondences and performance to the impact to those.

Suggested Requirements

Excerpting from the previous arrangement data, it introduces.

Standard interfaces and zero-maintainability a must (i.e. LSM hooking)
Network access control for applications should be taken to network interface level

 Future proof design would leave an option for price based access control
Whole story of application development should be considered through
 Situation where owner (e.g. operator) of the device does not allow executing
 in the Disabled/Accept/Permissive - modes
  Developer certification / opening of devices in a controlled manner


 Binding the security to TCG kind of TPM chip

The execution history particularly attractive

BoF Materials

Concerning BoF, so far you have not sponsored BoF by your, concerning participation at the extent which one time participated substantially in BoF of ELC2007, concerning preparation without being able to have image excessively, it was. In addition, echo could not do expectation concerning the contribution of RFC and, being chased in the work of directing to LKML contribution lastly, it was the circumstance where time of conception plan and preparation almost does not come off.

Of various things were thought, but it came to the point of facing to the locale without being able to start concrete preparation after all with the sketch book and the pen of the white paper. You were trying to refer, participated in also the BoF session of OLS, but it was the presentation type where that differs from any which are experienced with ELC2007 completely, is based on the data. The announcement of TOMOYO was 3rd day, but although after you have your own session 2 days later, you became aware in nothing having prepared the data, were hasty suddenly. While in the airplane to Chicago, looking at the memo which notes the topic which is thought of from Narita to the thing which makes the data, it compiled the data at the meeting place of OLS and the room of the hotel.

The data, showing to one time other member on 2nd day, received comment, compiled to 5 minutes ago of announcement. Especially it could make the data which is announced finally good also you do not think, but assuming, if more there was a time, it was put, the air which is not does the place circumstance largely it may be able to improve. Thinking, that we want laughing, in the part which you write, everyone properly? Laughing, while to do story, you felt at rest.

The data, the usual way retains in the document of SourceForge?.jp. Because it is classified with SourceForge?.jp concerning the document, language (Japanese/English), by category, with the data of ELC2007 it is retained in the place of English seminar/symposium.

The Day of the TOMOYO Linux BoF

When preparing BoF in Japan, Tanaka san of DevComm? sent me two pictures. It is not something which we have asked from this, specially it is something compilation we would like to support BoF of TOMOYO, with the notion that where. With special care, that we would like to answer kindness, you thought, 4 total you carried those which are printed in A3, but you pasted under the table of the acceptance of OLS concerning 2 among those.

DSCF2089.JPG

DSCF2117.JPG

TOMOYO Linux BoF Session Record

This way preparation or advance adjustment did not do most at all and it is the case that it faces to the BoF production, but main explained and advanced Harada, when in the solder operation, it makes explain just the thing being in Japan concerning the part of demonstration from, decided.

The 1st photograph is circumstances of the room of a little before story is begun. 2nd as for, the solder operation of the part of demonstration is about you explain. While in connection with projector projection staying down in the vicinity of the performing stand, acquiring gesture at the same time facing toward the projector, it does story, (puzzle). While inquiring about explanation with side, it is what, you thought as the strange shelf, but in this way, again, looking at the photograph being after all strange, the shank (laughing). Including ELC2007, me (Harada) there is no photograph of the place where you speak. As for that as for those where the photograph is photographed exclusively I am the main reason, but there are also times when in addition we do not like for I excessively to become subject, (laughing).

DSCF2125.JPG DSCF2124.JPG

That Yoshioka in his Blog, had decided that first word is begun with " Let's get started ", it is written, but I first or end completely do not think at all. BoF to seem you aim toward the fact that it becomes the place of argument, thinking of just that something you make know concerning TOMOYO Linux, it advanced on the basis of the data.

AppArmor?

AppArmor?

AppArmor?

Most those where attitude changes beginning, are the person who thinks as the SELinux authorized personnel who argued with the AppArmor? developer hotly. As for him, as for opportunity of change of domain? As for memory how alocate having done? And so on continuing the contents regarding mounting, it asked. He first seems that you think that every time of exec memory is consumed, but when you explain that is just when adding the new domain, it became placid from there. As (at that place) there not to be about to should attach the economization, it was discovered.

AppArmor?

In question, Okuyama of EMC and the speech where fell NAND and the like of NTT data high technology support TOMOYO Linux was done. While to advance, you felt and appreciated. In addition, also the participation member of Yoshioka and from other Japan came to BoF of TOMOYO in the meeting place. Japan because the compatriot in Ottawa which is far far it supported it is delightful truly the potato.

MontaVista?

When now, thing of the session of BoF is remembered, was schedule time of the program, but because it was last session, it does not close always there and even just the person who can remain having remaining if it argues, the air, good kana does. When it returns to one time Japan, trying probably to meet, although the member whom it cannot meet had been even perhaps it was wasted. I am not to like excessively to be taken to the photograph, but that as for just Stephen we would like to take the souvenir picture by any means, those which you thought and photographed are the photograph of that time. Never, because Stephen in BoF of TOMOYO Linux, comes to hearing with did not think your own story, you were deeply impressed truly.

DSCF2127.JPG

Or more is the approximately circumstances of TOMOYO Linux BoF. So far, it participates in other BoF, because there is no experience which had BoF by your, it is not to be able to say at all, but when of the circumstance which is placed is thought, you think that you can say that it was success. Trying looking back at the thing of the current announcement which returns to Japan the result which is better cannot do the imagination.

Other Questions and Small Talks

(As for the below-mentioned contents, question in BoF the other than of that has existed together, but including also the format from now on, it fairs)

As for path name based MAC being waste of 04:36:04 As for SELinux you think the thing which can be used with all scenes. (The authorized personnel of SELinux) as for SELinux there is many a thing which makes invalid when the installing -> Fedora.  When it makes invalid, because improvement of security becomes zero, at least zero compared to because plus TOMOYO which becomes may be, (EMC Okuyama)

Way there is no reading the library in the contents which were made to study but? (Seth Arnold)

  • > The sentence structure which permits reading the file altogether system is other way.  This has used the output of ldconfig that way.

As for policy being retained somewhere?  At each time it is execution of process if domain it transits, when process becomes enormous, it becomes DoS because? (The authorized personnel of SELinux?)

  • > It retains in memory of the kernel space.  Because with the latest demonstration it has made study mode, being automatic, domain is added, but with use with forced mode with automatic operation as for domain it is not added.  Domain transition Mandatory for the sake of, it can prevent such DoS.

As for path name of [tenporarihuairu] and the like how expressing? (Chris Wright)

  • >It is possible to use pattern for path name. It can also make study when it is patterned. -> Old AppArmor? had used PCRE (the regular expression of Perl), but now high speed DFA (the decisive characteristic finite automaton) it has used for pattern matching.  (AppArmor? BoFにて、Seth Arnold)

Because DFA of AppArmor? high speed actualizes matching, it isn't to be able to apply to also TOMOYO?(at Closing Reception, Chris Wright)

Next 6 as for the months doing what? (The authorized personnel of SELinux?)

  • >TOMOYO Linux 2.0 has removed only the function of file access from 1.4.1.  Because functionally it is insufficient, it keeps continuing the work of transplanting 1.4.1 functions to 2.0.

You have understood the fact that SELinux is difficult to use.  Simply, when to use easily weak security technology is introduced, the user flows to there simply. We would like to avoid this situation.  To use SELinux we want doing the help which makes easy in TOMOYO.  (At argument after the BoF session, Stephen Smalley)

The fact that divergence like TOMOYO comes out is welcomed.  (At Closing Reception, Chris Wright)

You think that we would like to add the hook of LSM reception related to network.  Because with the hook of LSM of present condition before IP address understands, it has decided, it cannot actualize the function of TOMOYO Linux 1.4.1.

  • >If looking at the hook insertion place of TOMOYO) it adds here, because the packet does not reach to the user land, temporarily probably there is no problem.  (At argument after the BoF session, Stephen Smalley)
  • >AppArmor? the same thing probably will be desired. If you send in the patch, because you comment and, that much it does not become formally big modification, as for merging you think that it is not difficult.  (At Closing Reception, Chris Wright)

Discussion with Stephen Smalley

Furthermore you were surprised, but there is no reason which is refused of course. The member of YLUG and together, first it went to the hotel and the coffee store of 1F of Les which Suite have stayed, in addition to Yoshioka, but when the table of the store was moved the person of the store produced to get angry, after all, to the room where Takeda lodged moved. The YLUG team sits down in the sofa side, OSS sermon? It began.

At this place, several you inquired about very much interesting thing from Stephen.

  • You say that SELinux is difficult, but by his so does not think. For example it doesn't mean that iptables is much more difficult? If to understand you try sentence structure of the policy of SELinux it is something which you can understand.
  • AppArmor?
  • AppArmor?

AppArmor? BoF

Seth Arnold had a BoF session and introduced future plan of AppArmor?. According to Seth and his material, AppArmor? is going to incorporate some of TOMOYO Linux's features.

I realized that we have not yet provided documentations about the differece between AppArmor? and TOMOYO Linux. While original TOMOYO Linux 1.X has a plenty of functionalities, TOMOYO Linux 2.0 (LSM version) has only MAC for file, so TOMOYO Linux 2.0 looks almost same as AppArmor?, "another pathname-based MAC". Work is needed.

Stephen, Jonathan and some other people told me that AppArmor? has a nice code of pathname handling. TOMOYO Linux might consider incorporating it.

Closing Reception

The participant of OLS gets together there with the store where this Closing Reception with like the usual event of OLS, that much is wide and is not as reserving. The participation proof of OLS just is shown be able to enter, the beverage lightly the food (a little the doubtful sushi was) is free. Also the famous person of Jonathan and James etc participates. I pulled up about 11 o'clock in the afternoon, but it seems that has also the Japanese who 2:30 AM participated to, (the pattern which after that is continued).

DSCF2160.JPG DSCF2150.JPG

AppArmor?

DSCF2165.JPG AppArmor?(Novell)の関係者。右から二人目がAppArmor?のBoFを行ったSeth Arnold。Sethは写真で見るよりも大きい。

DSCF2162.JPG ヤギのChris。mlから受ける印象とは大違いでびっくりしたが、とても親切で気さく。右端は勿論YLUGの吉岡さん。

DSCF2168.JPG Seth Arnoldと打倒SELinuxを目指して?堅く握手。SethとはCrispinの話で盛り上がった。

What's Next

TOMOYO Linux Mainlining Forecast

LKMLに投稿を行い、OLS2007でBoFセッションも持つことができました。TOMOYO LinuxのBoFは成功し、カーネル開発者のコミュニティへのデビューを果たしたと言って良いと思います。BoF参加は、Stephen, Chris, Sethなどの関係者との面識ができ、議論を行えたという点で大きな成果がありました。しかし、TOMOYO Linuxのメインライン化は全く予断を許さない状況です。

After posting to the LKML, we also had a BoF session at the OLS2007. You think that it is good saying, that BoF of TOMOYO Linux succeeded, carried out the debut to the community of the kernel developer. There was a big result in the point that acquaintance of the authorized personnel of Stephen, Chris and Seth etc could do BoF participation, could do argument. But, the mainline conversion of TOMOYO Linux is the circumstance which completely does not permit prediction.

AppArmor?

AppArmor?

AppArmor?

Regarding vfsmuonts

There have been a very important posting in LKML AppArmor? theread, that was posted by Pavel and addressed to Andrew Morton.

AppArmor?'s patch set consits of two parts. One is AppArmor? itself, the other is vfsmounts patch. Above posting suggests to incorporate soley vfsmounts patch. If that patch will be acceped, TOOMYO Linux get the benefit.

7月11日に2.6.23のMerge Windowが開きましたが、この提案の採否が注目されます。

Merge windows was opened July 11.

Related Information

Jonathan has posted a great summary to LWM's. (must see)

TOMOYO Linux DevConf?

TOMOYO Linux project will have a 1st Developers Conference, DevConf?. Anyone can join. Please register.

TomoyoDevConf

version 2.X

メインライン提案の対象は今回投稿した2.0(LSM移植版)になります。今回のBoFで得られたフィードバックを意識して、再度LKMLに投稿、提案を行います。そのときには、AppArmor?との違いが明確になっており、SELinuxとの親和性を高める必要があります。AppArmor?のBoFの発表では、TOMOYOの機能を取り込むことが明言されていました。時間との闘いです。

version 1.X

これまで「使いこなせて安全」なLinuxを目指して開発してきた1.X系統についても、今後開発、質問対応等を行いますが、基本的には新規機能の追加よりはバグフィックス、機能改善になります。2.Xのメインライン化を意識して、機能の移植を行います。

Impressions of OLS 2007

Tetsuo Handa

AppArmor?

When having showing the circumstances of the meeting place in the advance information exchange meeting from, as for this the celebration you thought as some shelf. Actually, there is no kind of scene which is opposed, laughing did not become extinct.

The one which is talked with English generally is as thought in advance, but you heard the one which is heard with everyone patter and did not take. Hearing just a little it is lonesome with cause not to be able to laugh the fact that you do not take at the place of the [uke] aim is.

Kentaro Takeda

Being at the point where the transplantation to LSM ends for the present, one work it had become the intention of finishing, but that was the mistake. One may become on the other hand very much future, is.

Generally, it felt keenly the insufficiency of English ability. I wished I could support Harada san and Handa san more.

Acknowledgement


トップ   編集 凍結 差分 バックアップ 添付 複製 名前変更 リロード   新規 一覧 単語検索 最終更新   ヘルプ   最終更新のRSS
Last-modified: 2010-08-07 (土) 16:27:32 (3084d)