Hello.

I'm planning to release TOMOYO 1.7.1 ("4th anniversary release") on November 11th. It contains various bug fixes and some enhancements. Major changes are shown below.

(1) Added recursive directory matching operators.

  "/\{" and "\}/" are added. The pattern /\{dir\}/ matches '/' + 'One or more repetitions of dir/' (e.g. /dir/ /dir/dir/ /dir/dir/dir/ ).

(2) Embedded more information into audit logs.

  Until now, /proc/ccs/grant_log /proc/ccs/reject_log /proc/ccs/query were not printing file's information (e.g. file's uid/gid/mode).

  Recently, users who started using the "if" clause expect that the learning mode automatically adds various conditions like "if task.uid=path1.uid". But the profile will become too complicated if I support all possible conditions. Thus, I added all information which is enough to generate "if" clause with all possible conditions from audit logs to audit logs.

  Now, the learning mode got a different usage. Users can specify "CONFIG::learning={ max_entry=0 }" in the profile. All requests which are not permitted by policy will be sent to /proc/ccs/reject_log with "mode=learning" header lines. Users can selectively append conditions and append to the policy using "/usr/sbin/ccs-loadpolicy -d".

  The learning mode with "CONFIG::learning={ max_entry=0 }" is almost the same as the permissive mode; the only difference is "mode=learning" and "mode=permissive".

(3) Made pathname for activating TOMOYO configurable.

  Until now, pathnames we can use for activating TOMOYO's functionality were hard coded (either /sbin/init or /sbin/ccs-init ). Android does not have /sbin/init but it is difficult to start /sbin/ccs-init before daemon processes start. Thus, I decided to activate TOMOYO when /init starts.

  I made the alternative trigger ( /sbin/ccs-start ) and the default policy loader ( /sbin/ccs-init ) configurable. You can specify different pathnames (e.g. /init or /linuxrc ) instead of /sbin/ccs-init for environments which do not have /sbin/init .
(4) Fixed oops when path_group and number_group were not read out atomically.

  I forgot to escape from nested loops correctly when reading path_group and number_group. As a result, reading path_group and number_group caused kernel oops when they were not read atomically.

(5) Fixed memory leak when the same address_group was added.

  I forgot to call kfree() if the same address_group was added.

(6) Fixed buffer contention when allow_env is used with argv[]/envp[].

  A permission like

    allow_env PATH if exec.envp["PATH"]="/"

  was not working since I was using the same buffer for both environment variable's name and value.

(7) Fixed stall or incorrect comparison when "if" clause exceeded 255 bytes.

  I was using "u8" for size parameter by error. As a result, when size >= 256 was passed to ccs_memcmp(), it was doing partial comparison (incorrect result) or read overrun (CPU stall). "if" clause can exceed 255 bytes if a complicated condition was given.

(8) Fixed error code when execute_handler and denied_execute_handler failed.

  ccs_try_alt_exec() was returning ENOMEM when kmalloc() failed. It needs to return -ENOMEM to fail.

You can download a snapshot from

  http://sourceforge.jp/projects/tomoyo/svn/view/trunk/1.7.x/ccs-patch.tar.gz?root=tomoyo&revision=3134&view=tar

Ubuntu 9.10's kernel is built with both AppArmor and TOMOYO, but TOMOYO 2.2.0 is terribly lacking in functionality (e.g. no audit logs, no network). Thus, I will provide TOMOYO 1.7.x binary packages for Ubuntu 9.10 .

You can download binary kernel packages for Ubuntu 9.10 (made using above snapshot) from

  http://tomoyo.sourceforge.jp/incoming/linux-image-2.6.31-14-ccs1.7.1-pre_2.6.31-14.48_i386.deb
  http://tomoyo.sourceforge.jp/incoming/linux-headers-2.6.31-14-ccs1.7.1-pre_2.6.31-14.48_i386.deb
  http://tomoyo.sourceforge.jp/incoming/linux-headers-2.6.31-14_2.6.31-14.48_all.deb
  http://tomoyo.sourceforge.jp/incoming/linux-libc-dev_2.6.31-14.48_i386.deb

Regards.
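
Item (7) above, illustrated as an added example that is not part of the original message and is not TOMOYO's code: a comparison helper whose length parameter is 8 bits wide silently compares only size % 256 bytes, so two condition strings of 256 bytes or more can be reported equal when they differ. The names cmp_narrow, cmp_wide and reports_equal are hypothetical, the buffers are constructed, and only the partial-comparison outcome is shown, not the read overrun.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not TOMOYO's ccs_memcmp): the length is an 8-bit
 * value, so any caller passing 256 or more has it reduced modulo 256. */
static int cmp_narrow(const char *a, const char *b, uint8_t len)
{
    return memcmp(a, b, len);
}

/* Same helper with the length widened to size_t. */
static int cmp_wide(const char *a, const char *b, size_t len)
{
    return memcmp(a, b, len);
}

/* Constructed input: two n-byte buffers that differ only at diff_at.
 * Returns 1 if the chosen helper reports them equal, 0 if it sees the
 * difference, -1 on bad arguments. */
int reports_equal(int use_narrow, size_t n, size_t diff_at)
{
    char a[512], b[512];

    if (n > sizeof(a) || diff_at >= n)
        return -1;
    memset(a, 'A', n);
    memset(b, 'A', n);
    b[diff_at] = 'B';
    /* The size_t -> uint8_t conversion below is implicit and silent. */
    return (use_narrow ? cmp_narrow(a, b, n) : cmp_wide(a, b, n)) == 0;
}

int main(void)
{
    /* 300 % 256 == 44: only the first 44 bytes are compared. */
    printf("narrow n=300 diff@100 equal=%d\n", reports_equal(1, 300, 100));
    printf("wide   n=300 diff@100 equal=%d\n", reports_equal(0, 300, 100));
    /* 256 % 256 == 0: nothing is compared at all. */
    printf("narrow n=256 diff@0   equal=%d\n", reports_equal(1, 256, 0));
    return 0;
}
```

Building with -Wconversion makes the compiler flag the narrowing at the cmp_narrow call site, which is one way to catch this class of mistake in review.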