Hello li94575,
On Wed, Dec 10, 2014 at 09:29:32PM +0800, li94575 wrote:
Actually, I'm considering introducing a multi-level security policy for Genode, as a job of my master's thesis. I just want to add some additional restrictions on the basis of the existing access control mechanism. For example, assigning a security label for each process (except for Core and Init), and performing the rule of "write up and read down". Of course, I will test it simply (not all drivers), such as in the hello_tutorial.
Have you considered using Genode's mechanisms (sessions, RPC, recursive structure, init concept, config files) to achieve your goal? In my view, this sounds more natural than to just wedge something into the current implementation of these mechanisms on base-foc. Genode capabilities provide a wonderful tool to implement arbitrary access-control policies incl. MAC.
Regards