]> bbs.cooldavid.org Git - net-next-2.6.git/commit
git://bbs.cooldavid.org / net-next-2.6.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 15714f7) | patch
secmark: make secmark object handling generic
authorEric Paris <eparis@redhat.com>
Wed, 13 Oct 2010 20:24:41 +0000 (16:24 -0400)
committerJames Morris <jmorris@namei.org>
Wed, 20 Oct 2010 23:12:48 +0000 (10:12 +1100)
commit2606fd1fa5710205b23ee859563502aa18362447
treef79becd7010a2da1a765829fce0e09327cd50531tree | snapshot (tar.bz2 tar.gz zip)
parent15714f7b58011cf3948cab2988abea560240c74fcommit | diff
secmark: make secmark object handling generic

Right now secmark has lots of direct selinux calls.  Use all LSM calls and
remove all SELinux specific knowledge.  The only SELinux specific knowledge
we leave is the mode.  The only point is to make sure that other LSMs at
least test this generic code before they assume it works.  (They may also
have to make changes if they do not represent labels as strings)

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Paul Moore <paul.moore@hp.com>
Acked-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: James Morris <jmorris@namei.org>
include/linux/netfilter/xt_SECMARK.h diff | blob | blame | history
include/linux/security.h diff | blob | blame | history
include/linux/selinux.h diff | blob | blame | history
net/netfilter/xt_CT.c diff | blob | blame | history
net/netfilter/xt_SECMARK.c diff | blob | blame | history
security/capability.c diff | blob | blame | history
security/security.c diff | blob | blame | history
security/selinux/exports.c diff | blob | blame | history
security/selinux/hooks.c diff | blob | blame | history
security/selinux/include/security.h diff | blob | blame | history
Clone of davem's net-next-2.6 tree