Piteball/android_kernel_samsung_msm8976
1
1
Fork 0
mirror of https://github.com/team-infusion-developers/android_kernel_samsung_msm8976.git synced 2024-11-01 10:33:27 +00:00
Code Issues Projects Releases Wiki Activity
android_kernel_samsung_msm8976/security/selinux/ss
History
Harry Ciao 6f5317e730 SELinux: Socket retains creator role and MLS attribute 
The socket SID would be computed on creation and no longer inherit
its creator's SID by default. Socket may have a different type but
needs to retain the creator's role and MLS attribute in order not
to break labeled networking and network access control.

The kernel value for a class would be used to determine if the class
if one of socket classes. If security_compute_sid is called from
userspace the policy value for a class would be mapped to the relevant
kernel value first.

Signed-off-by: Harry Ciao <qingtao.cao@windriver.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
2011-03-03 15:19:43 -05:00
..
avtab.c SELinux: allow userspace to read policy back out of the kernel 2010-10-21 10:12:58 +11:00
avtab.h SELinux: Use dentry name in new object labeling 2011-02-01 11:12:30 -05:00
conditional.c selinux: convert part of the sym_val_to_name array to use flex_array 2010-11-30 17:28:58 -05:00
conditional.h SELinux: allow userspace to read policy back out of the kernel 2010-10-21 10:12:58 +11:00
constraint.h
context.h selinux: allow MLS->non-MLS and vice versa upon policy reload 2010-02-04 09:06:36 +11:00
ebitmap.c SELinux: allow userspace to read policy back out of the kernel 2010-10-21 10:12:58 +11:00
ebitmap.h security:selinux: kill unused MAX_AVTAB_HASH_MASK and ebitmap_startbit 2011-01-24 10:36:11 +11:00
hashtab.c
hashtab.h
mls.c SELinux: Socket retains creator role and MLS attribute 2011-03-03 15:19:43 -05:00
mls.h SELinux: Socket retains creator role and MLS attribute 2011-03-03 15:19:43 -05:00
mls_types.h selinux: allow MLS->non-MLS and vice versa upon policy reload 2010-02-04 09:06:36 +11:00
policydb.c SELinux: Use dentry name in new object labeling 2011-02-01 11:12:30 -05:00
policydb.h SELinux: Use dentry name in new object labeling 2011-02-01 11:12:30 -05:00
services.c SELinux: Socket retains creator role and MLS attribute 2011-03-03 15:19:43 -05:00
services.h
sidtab.c selinux: cache sidtab_context_to_sid results 2010-12-07 16:44:01 -05:00
sidtab.h selinux: cache sidtab_context_to_sid results 2010-12-07 16:44:01 -05:00
status.c selinux: fix up style problem on /selinux/status 2010-10-21 10:12:41 +11:00
symtab.c selinux: fix error codes in symtab_init() 2010-08-02 15:35:04 +10:00
symtab.h