I recently sent an abstract to LinuxCon / Kernel Security Summit, and the other day I heard back from one of the panel members. As I mentioned my thoughts on implementing AppArmor on CentOS/RHEL via LKM, he replied about a project that he threw together called AKARI. It’s a fork of TOMOYO, and inserts into the linux kernel in a very similar way to how I was planning on doing AppArmor, and have been recently been toying with in tpe-lkm.
All I can say is, that’s a whole lot of code I won’t have to figure out 🙂 He’s already solved some of the problems I’ve been facing. I haven’t used TOMOYO before so I haven’t given this module a test yet beyond inserting it into one of my test systems, but so far it appears to work as advertised. As my time permits I’ll throw up a git repo called kmod-apparmor, which contains some of this code, and continue my work on it.