Make validatetrans decisions available through selinuxfs.
"/transition" is added to selinuxfs for this purpose.
This functionality is needed by file system servers
implemented in userspace or kernelspace without the VFS
layer.
Writing "$oldcontext $newcontext $tclass $taskcontext"
to /transition
On 10/27/2015 02:27 PM, Andrew Perepechko wrote:
+ if (rc)
+ goto out;
+
+ rc = -ENOMEM;
+ if (count >= PAGE_SIZE - 1)
+ goto out;
Why PAGE_SIZE-1?
This is to avoid allocation of more than a single page.
Yes, but you don't need PAGE_SIZE - 1
