kernel-ark/kernel
Darrel Goeddel c7bdb545d2 [NETLINK]: Encapsulate eff_cap usage within security framework.
This patch encapsulates the usage of eff_cap (in netlink_skb_params) within
the security framework by extending security_netlink_recv to include a required
capability parameter and converting all direct usage of eff_caps outside
of the lsm modules to use the interface.  It also updates the SELinux
implementation of the security_netlink_send and security_netlink_recv
hooks to take advantage of the sid in the netlink_skb_params struct.
This also enables SELinux to perform auditing of netlink capability checks.
Please apply, for 2.6.18 if possible.

Signed-off-by: Darrel Goeddel <dgoeddel@trustedcs.com>
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by:  James Morris <jmorris@namei.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:57:55 -07:00
..
irq [PATCH] genirq: add chip->eoi(), fastack -> fasteoi 2006-06-29 10:26:26 -07:00
power [PATCH] pm_trace is dangerous 2006-06-27 17:32:35 -07:00
time [PATCH] time: rename clocksource functions 2006-06-26 09:58:21 -07:00
.gitignore
acct.c [PATCH] fix kernel-doc in kernel/ dir 2006-06-27 17:32:39 -07:00
audit.c [NETLINK]: Encapsulate eff_cap usage within security framework. 2006-06-29 16:57:55 -07:00
audit.h
auditfilter.c
auditsc.c [PATCH] Remove redundant NULL checks before [kv]free - in kernel/ 2006-06-27 17:32:48 -07:00
capability.c
compat.c
configs.c
cpu.c [PATCH] cpu hotplug: make [un]register_cpu_notifier init time only 2006-06-27 17:32:41 -07:00
cpuset.c [PATCH] proc: Use struct pid not struct task_ref 2006-06-26 09:58:26 -07:00
dma.c
exec_domain.c
exit.c [PATCH] pi-futex: futex_lock_pi/futex_unlock_pi support 2006-06-27 17:32:47 -07:00
extable.c
fork.c [PATCH] pi-futex: futex_lock_pi/futex_unlock_pi support 2006-06-27 17:32:47 -07:00
futex_compat.c [PATCH] pi-futex: futex_lock_pi/futex_unlock_pi support 2006-06-27 17:32:47 -07:00
futex.c [PATCH] futex_requeue() optimization 2006-06-27 17:32:48 -07:00
hrtimer.c [PATCH] cpu hotplug: revert initdata patch submitted for 2.6.17 2006-06-27 17:32:41 -07:00
itimer.c
kallsyms.c
Kconfig.hz
Kconfig.preempt
kexec.c [POWERPC] Add the use of the firmware soft-reset-nmi to kdump. 2006-06-28 15:18:52 +10:00
kfifo.c
kmod.c
kprobes.c [PATCH] Notify page fault call chain 2006-06-26 09:58:22 -07:00
ksysfs.c
kthread.c [PATCH] kthread: move kernel-doc and put it into DocBook 2006-06-25 10:01:24 -07:00
Makefile [PATCH] pi-futex: rt mutex tester 2006-06-27 17:32:47 -07:00
module.c [PATCH] load_module() cleanup 2006-06-28 14:59:04 -07:00
mutex-debug.c [PATCH] poison: add & use more constants 2006-06-27 17:32:38 -07:00
mutex-debug.h [PATCH] work around ppc64 bootup bug by making mutex-debugging save/restore irqs 2006-06-26 09:58:16 -07:00
mutex.c [PATCH] work around ppc64 bootup bug by making mutex-debugging save/restore irqs 2006-06-26 09:58:16 -07:00
mutex.h [PATCH] work around ppc64 bootup bug by making mutex-debugging save/restore irqs 2006-06-26 09:58:16 -07:00
panic.c
params.c
pid.c
posix-cpu-timers.c
posix-timers.c
printk.c
profile.c [PATCH] cpu hotplug: revert init patch submitted for 2.6.17 2006-06-27 17:32:40 -07:00
ptrace.c [PATCH] coredump: kill ptrace related stuff 2006-06-26 09:58:27 -07:00
rcupdate.c [PATCH] cpu hotplug: revert initdata patch submitted for 2.6.17 2006-06-27 17:32:41 -07:00
rcutorture.c [PATCH] rcutorture: add call_rcu_bh() operations 2006-06-27 17:32:40 -07:00
relay.c
resource.c Merge master.kernel.org:/pub/scm/linux/kernel/git/gregkh/pci-2.6 2006-06-29 10:49:17 -07:00
rtmutex_common.h [PATCH] pi-futex: futex_lock_pi/futex_unlock_pi support 2006-06-27 17:32:47 -07:00
rtmutex-debug.c [PATCH] pi-futex: rt mutex debug 2006-06-27 17:32:47 -07:00
rtmutex-debug.h [PATCH] pi-futex: rt mutex debug 2006-06-27 17:32:47 -07:00
rtmutex-tester.c [PATCH] rtmutex: Modify rtmutex-tester to test the setscheduler propagation 2006-06-27 17:32:47 -07:00
rtmutex.c [PATCH] rtmutex: Propagate priority settings into PI lock chains 2006-06-27 17:32:48 -07:00
rtmutex.h [PATCH] pi-futex: rt mutex core 2006-06-27 17:32:47 -07:00
sched.c [PATCH] rtmutex: Propagate priority settings into PI lock chains 2006-06-27 17:32:48 -07:00
seccomp.c
signal.c [PATCH] coredump: kill ptrace related stuff 2006-06-26 09:58:27 -07:00
softirq.c [PATCH] cpu hotplug: revert initdata patch submitted for 2.6.17 2006-06-27 17:32:41 -07:00
softlockup.c [PATCH] cpu hotplug: revert initdata patch submitted for 2.6.17 2006-06-27 17:32:41 -07:00
spinlock.c
stop_machine.c
sys_ni.c
sys.c
sysctl.c [PATCH] pi-futex: rt mutex core 2006-06-27 17:32:47 -07:00
time.c [PATCH] Time: Introduce arch generic time accessors 2006-06-26 09:58:20 -07:00
timer.c [PATCH] cpu hotplug: revert initdata patch submitted for 2.6.17 2006-06-27 17:32:41 -07:00
uid16.c
unwind.c [PATCH] x86_64: allow unwinder to build without module support 2006-06-26 10:48:18 -07:00
user.c
wait.c
workqueue.c [PATCH] cpu hotplug: revert init patch submitted for 2.6.17 2006-06-27 17:32:40 -07:00