Enforcement of security policies for kernel module loading
US7644271B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Nov 7, 2005 |
| Grant date | Jan 5, 2010 |
| Priority date | — |
| Expiry date | Feb 1, 2028 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1441
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A method and computer program product for providing enforcement of security policies for kernel module loading is presented. File paths for shared library executable files opened by user processes are cached. When a request to load a kernel loadable module (KLM) is received, a previously cached file path for said KLM is retrieved, said file path mapping a location of an executable file from which said KLM was produced. A security policy is applied to said file path, wherein when said file path triggers a security policy rule then an action associated with a triggered rule is taken, and wherein when said file path does not trigger a security policy rule then said KLM request is allowed to proceed.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.