Linux kernel security module management method, system, device and medium
By introducing an adaptation hook function mechanism, the security hook functions of third-party modules are decoupled from the kernel version, which solves the compatibility problem caused by version changes in the LSM framework, realizes stable and flexible security checks across versions, reduces maintenance costs, and improves the system's compatibility and portability.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- XIAN THERMAL POWER RES INST CO LTD
- Filing Date
- 2026-03-13
- Publication Date
- 2026-06-19
AI Technical Summary
Due to differences in Linux kernel versions, the hook function interfaces and security checkpoints of the Linux Security Module (LSM) framework may change, requiring third-party security modules to rewrite or modify their code for each kernel version. This increases the complexity of module development and maintenance and limits cross-version portability.
An adaptation hook function mechanism is introduced to decouple the security hook functions of third-party modules from the security checkpoints of specific kernel versions. By adapting the hook functions, the security checkpoints are mapped to the actual hook interfaces of the current kernel. The kernel version is dynamically obtained and a compatible registration interface is selected. The security hook functions are organized using a linked list structure and executed and decided according to a predefined order and aggregation strategy.
It reduces the maintenance cost of third-party modules, improves cross-kernel version compatibility and portability, ensures the stability of security checks and the consistency of policies, avoids code modifications due to kernel version changes, and enhances the robustness and flexibility of the system.
Smart Images

Figure CN122241732A_ABST