davidlt/kernel-ark
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
59df3166ef
kernel-ark/security/tomoyo
History
Tetsuo Handa 59df3166ef TOMOYO: Fix interactive judgment functionality. 
Commit 17fcfbd9 "TOMOYO: Add interactive enforcing mode." introduced ability
to query access decision using userspace programs. It was using global PID for
reaching policy configuration of the process. However, use of PID returns stale
policy configuration when the process's subjective credentials and objective
credentials differ. Fix this problem by allowing reaching policy configuration
via query id.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
2011-10-29 08:34:41 +11:00
..
audit.c TOMOYO: Allow controlling generation of access granted logs for per an entry basis. 2011-09-14 08:27:06 +10:00
common.c TOMOYO: Fix interactive judgment functionality. 2011-10-29 08:34:41 +11:00
common.h TOMOYO: Remove tomoyo_policy_memory_lock spinlock. 2011-09-26 10:46:22 +10:00
condition.c TOMOYO: Simplify garbage collector. 2011-09-26 10:46:20 +10:00
domain.c TOMOYO: Fix domain transition failure warning. 2011-09-28 11:53:15 +10:00
environ.c TOMOYO: Add environment variable name restriction support. 2011-09-14 08:27:05 +10:00
file.c TOMOYO: Fix make namespacecheck warnings. 2011-09-26 10:46:19 +10:00
gc.c TOMOYO: Fix quota and garbage collector. 2011-10-12 12:15:20 +11:00
group.c TOMOYO: Add socket operation restriction support. 2011-09-14 08:27:05 +10:00
Kconfig TOMOYO: Add socket operation restriction support. 2011-09-14 08:27:05 +10:00
load_policy.c TOMOYO: Update kernel-doc. 2011-07-14 17:50:03 +10:00
Makefile TOMOYO: Bump version. 2011-09-15 08:14:21 +10:00
memory.c TOMOYO: Remove tomoyo_policy_memory_lock spinlock. 2011-09-26 10:46:22 +10:00
mount.c TOMOYO: Update kernel-doc. 2011-07-14 17:50:03 +10:00
network.c TOMOYO: Add socket operation restriction support. 2011-09-14 08:27:05 +10:00
realpath.c TOMOYO: Add socket operation restriction support. 2011-09-14 08:27:05 +10:00
securityfs_if.c TOMOYO: Fix make namespacecheck warnings. 2011-09-26 10:46:19 +10:00
tomoyo.c TOMOYO: Add socket operation restriction support. 2011-09-14 08:27:05 +10:00
util.c TOMOYO: Fix quota and garbage collector. 2011-10-12 12:15:20 +11:00