kernel-ark/include
Venkat Yekkirala 7420ed23a4 [NetLabel]: SELinux support
Add NetLabel support to the SELinux LSM and modify the
socket_post_create() LSM hook to return an error code.  The most
significant part of this patch is the addition of NetLabel hooks into
the following SELinux LSM hooks:

 * selinux_file_permission()
 * selinux_socket_sendmsg()
 * selinux_socket_post_create()
 * selinux_socket_sock_rcv_skb()
 * selinux_socket_getpeersec_stream()
 * selinux_socket_getpeersec_dgram()
 * selinux_sock_graft()
 * selinux_inet_conn_request()

The basic reasoning behind this patch is that outgoing packets are
"NetLabel'd" by labeling their socket and the NetLabel security
attributes are checked via the additional hook in
selinux_socket_sock_rcv_skb().  NetLabel itself is only a labeling
mechanism, similar to filesystem extended attributes, it is up to the
SELinux enforcement mechanism to perform the actual access checks.

In addition to the changes outlined above this patch also includes
some changes to the extended bitmap (ebitmap) and multi-level security
(mls) code to import and export SELinux TE/MLS attributes into and out
of NetLabel.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-09-22 14:53:36 -07:00
..
acpi Pull acpi_os_allocate into test branch 2006-07-10 02:39:47 -04:00
asm-alpha [HEADERS] One line per header in Kbuild files to reduce conflicts 2006-09-19 12:43:58 +01:00
asm-arm [ARM] 3815/1: headers_install support for ARM 2006-09-18 16:28:50 +01:00
asm-arm26 [PATCH] remove set_wmb - arch removal 2006-07-14 21:56:14 -07:00
asm-cris [PATCH] remove set_wmb - arch removal 2006-07-14 21:56:14 -07:00
asm-frv [PATCH] remove set_wmb - arch removal 2006-07-14 21:56:14 -07:00
asm-generic [HEADERS] One line per header in Kbuild files to reduce conflicts 2006-09-19 12:43:58 +01:00
asm-h8300 [PATCH] remove set_wmb - arch removal 2006-07-14 21:56:14 -07:00
asm-i386 [HEADERS] One line per header in Kbuild files to reduce conflicts 2006-09-19 12:43:58 +01:00
asm-ia64 [HEADERS] One line per header in Kbuild files to reduce conflicts 2006-09-19 12:43:58 +01:00
asm-m32r [PATCH] remove set_wmb - arch removal 2006-07-14 21:56:14 -07:00
asm-m68k [PATCH] Fix 'make headers_check' on ia64 2006-09-19 07:59:59 -07:00
asm-m68knommu [PATCH] remove set_wmb - arch removal 2006-07-14 21:56:14 -07:00
asm-mips [PATCH] headers_check: fix userspace build of asm-mips/page.h 2006-09-13 07:32:16 -07:00
asm-parisc [PATCH] headers_check: Clean up asm-parisc/page.h for user headers 2006-09-19 07:59:59 -07:00
asm-powerpc Merge git://git.infradead.org/~dwmw2/hdroneline 2006-09-22 12:56:22 -07:00
asm-ppc [POWERPC] 40x: Fix debug status register defines 2006-09-21 22:59:39 +10:00
asm-s390 Merge git://git.infradead.org/~dwmw2/hdroneline 2006-09-22 12:56:22 -07:00
asm-sh [PATCH] sh: fix FPN_START typo 2006-09-08 10:22:50 -07:00
asm-sh64 sh64: Use generic BUG_ON()/WARN_ON(). 2006-09-12 14:38:23 +09:00
asm-sparc [HEADERS] One line per header in Kbuild files to reduce conflicts 2006-09-19 12:43:58 +01:00
asm-sparc64 [HEADERS] One line per header in Kbuild files to reduce conflicts 2006-09-19 12:43:58 +01:00
asm-um Merge git://git.infradead.org/hdrinstall-2.6 2006-07-04 12:55:45 -07:00
asm-v850 [PATCH] remove set_wmb - arch removal 2006-07-14 21:56:14 -07:00
asm-x86_64 [HEADERS] One line per header in Kbuild files to reduce conflicts 2006-09-19 12:43:58 +01:00
asm-xtensa [PATCH] remove set_wmb - arch removal 2006-07-14 21:56:14 -07:00
crypto [CRYPTO] digest: Added user API for new hash type 2006-09-21 11:46:17 +10:00
keys [PATCH] keys: discard the contents of a key on revocation 2006-06-26 09:58:18 -07:00
linux [NetLabel]: SELinux support 2006-09-22 14:53:36 -07:00
math-emu
media V4L/DVB (4605): Fixes an issue with V4L1 and make headers-install 2006-09-10 13:45:55 -03:00
mtd Merge git://git.infradead.org/~dwmw2/hdroneline 2006-09-22 12:56:22 -07:00
net [NetLabel]: core network changes 2006-09-22 14:53:32 -07:00
pcmcia
rdma [HEADERS] One line per header in Kbuild files to reduce conflicts 2006-09-19 12:43:58 +01:00
rxrpc
scsi [HEADERS] One line per header in Kbuild files to reduce conflicts 2006-09-19 12:43:58 +01:00
sound [HEADERS] One line per header in Kbuild files to reduce conflicts 2006-09-19 12:43:58 +01:00
video [HEADERS] One line per header in Kbuild files to reduce conflicts 2006-09-19 12:43:58 +01:00
Kbuild [HEADERS] One line per header in Kbuild files to reduce conflicts 2006-09-19 12:43:58 +01:00