This is a a project which provides mandatory access control based on allow list and protects the list in Trusted Execution Environment.
| Name | When | Version |
|---|---|---|
| openssl | build & runtime | 1.1.1c or later |
| meson | build | 0.49 or later |
| ninja | build | |
| pkg-config | build | |
| gcc | build |
Build binaries.
$ meson build $ ninja -C buildInstall the built binaries.
$ ninja -C build install
MiracleWhiteKnight provides 2 management methods for allow list.
- Do not use TEE
- Use TEE
Make a list of directories to search executables
$ echo '/usr' > in.txt
Generate allow list of your root filesystem
# mkag rootfs.wl in.txt # mv rootfs.wl /usr/share/whiteknight/wl.d/
Generate a list of mount points
# echo '/' > /usr/share/whiteknight/ml.d/rootfs.mlRun MiracleWhiteKnight
# systemctl start whiteknight
Coming soon...
Please send PRs via GitHub. We are waiting for your contribution anytime!