Re: updated [Patch 1/1] AF_UNIX Datagram getpeersec

2006-06-17 Thread Catherine Zhang
On 6/17/06, James Morris <[EMAIL PROTECTED]> wrote: On Fri, 16 Jun 2006, Stephen Hemminger wrote: > This is so short, it would make sense to put it in scm.h > and why not have it return the value instead of call by reference? > Same goes for selinux_get_inode_sid Actually, all of the SELinux AP

Re: updated [Patch 1/1] AF_UNIX Datagram getpeersec

2006-06-17 Thread James Morris
On Fri, 16 Jun 2006, Stephen Hemminger wrote: > This is so short, it would make sense to put it in scm.h > and why not have it return the value instead of call by reference? > Same goes for selinux_get_inode_sid Actually, all of the SELinux API functions are like this, and I'm not sure why for v

Re: updated [Patch 1/1] AF_UNIX Datagram getpeersec

2006-06-17 Thread James Morris
On Sat, 17 Jun 2006, Xiaolan Zhang wrote: > Hi, Stephen, > > It appears that selinux_enabled is defined inside selinux module and not > visible to the rest of the kernel... Yes, these are SELinux API functions, they belong in security/selinux/exports.c. But what about Stephen's question on the

Re: updated [Patch 1/1] AF_UNIX Datagram getpeersec

2006-06-16 Thread Xiaolan Zhang
Hi, Stephen, It appears that selinux_enabled is defined inside selinux module and not visible to the rest of the kernel... thanks, Catherine Stephen Hemminger <[EMAIL PROTECTED]> wrote on 06/17/2006 12:16:03 AM: > O > > > > +void selinux_get_sock_sid(const struct socket *sock, u32 *sid) > > +

Re: updated [Patch 1/1] AF_UNIX Datagram getpeersec

2006-06-16 Thread Stephen Hemminger
O > > +void selinux_get_sock_sid(const struct socket *sock, u32 *sid) > +{ > + if (selinux_enabled) { > + const struct inode *inode = SOCK_INODE(sock); > + selinux_get_inode_sid(inode, sid); > + return; > + } > + *sid = 0; > +} > + This is so short
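Review bot: in selinux_get_sock_sid(), the fallback `*sid = 0;` for the case where selinux_enabled is false has no comment telling callers what a SID of 0 means, so please add a short comment above the function documenting that 0 is written when SELinux is disabled. The `return;` inside the `if (selinux_enabled)` block could also become a plain if/else so that both paths that set *sid read side by side.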

updated [Patch 1/1] AF_UNIX Datagram getpeersec

2006-06-16 Thread Catherine Zhang
Hi, Enclosed please find the updated AF_UNIX patch, incorporating comments from James, Stephen, Dave, Chris, Andrew and others. The patch is now built upon the newly added SELinux functions exported in selinux/exports.c, which are also used by the auditing subsystem. One function, selinux_get_s

Re: updated [Patch 1/1] AF_UNIX Datagram getpeersec

2006-04-10 Thread Xiaolan Zhang
Stephen and Andrew, Many thanks for your comments! Will incorporate your suggestions and resubmit. thanks, Catherine Stephen Smalley <[EMAIL PROTECTED]> wrote on 04/10/2006 09:11:47 AM: > On Fri, 2006-04-07 at 19:30 -0400, Catherine Zhang wrote: > > Hi, James, Stephen, Dave and Chris, > > >

Re: updated [Patch 1/1] AF_UNIX Datagram getpeersec

2006-04-10 Thread Stephen Smalley
On Fri, 2006-04-07 at 19:30 -0400, Catherine Zhang wrote: > Hi, James, Stephen, Dave and Chris, > > Enclosed please find the updated AF_UNIX patch. It addressed three major > issues in the previous patch. > > 1. No direct calling of the SELINUX function security_sid_to_context(). > The fix

Re: updated [Patch 1/1] AF_UNIX Datagram getpeersec

2006-04-07 Thread Andrew Morton
Catherine Zhang <[EMAIL PROTECTED]> wrote: > > Enclosed please find the updated AF_UNIX patch. > > ... > > --- linux-2.6.17-rc1/include/asm-alpha/socket.h~lsm-secpeer-unix > 2006-04-03 18:19:47.0 -0400 > +++ linux-2.6.17-rc1-cxzhang/include/asm-alpha/socket.h 2006-04-03 > 18:20

updated [Patch 1/1] AF_UNIX Datagram getpeersec

2006-04-07 Thread Catherine Zhang
Hi, James, Stephen, Dave and Chris, Enclosed please find the updated AF_UNIX patch. It addressed three major issues in the previous patch. 1. No direct calling of the SELINUX function security_sid_to_context(). The fix is to export this and other similar functions through wrapper functio