nux/include/security.h | 3 +
security/selinux/selinuxfs.c| 80 ++
security/selinux/ss/services.c | 34 --
security/smack/smack_lsm.c | 4 +-
15 files changed, 302 insertions(+), 88 deletions(-)
--
paul moore
security @ redhat
--
To unsubscribe f
never had the time to see it through to the end; I'm happy that
someone was finally able to get it finished.
--
paul moore
www.paul-moore.com
tate.
>
> This patch clones the sock's label from the parent sock and resolves the
> issue (similar to AF_BLUETOOTH protocol family).
>
> Cc: Paul Moore <pmo...@redhat.com>
> Cc: David Teigland <teigl...@redhat.com>
> Signed-off-by: Marcelo Ricardo Leitner <marcel
e
your easiest path forward with respect to the kernel, although it may
turn out to be a non-starter from a binder point of view. I just want
to reiterate that I'm not against the idea of exposing the secid
tokens, but not necessarily in their current form; we will probably
want to revisit the idea
on't have an OS regression. I just get tired of code like this
> in openswan:
>
> #ifdef HAVE_LABELED_IPSEC
> /* security label length should not exceed 256 in most cases,
> * (discussed with kernel and selinux people).
> */
> #define MAX_SECCTX_LEN 257 /* including '\0' */
perhaps ultimately we would
need something else, but I think it is worth looking into this first before we
introduce another string label.
--
paul moore
www.paul-moore.com
is released and the process repeats.
As in the past, this process is subject to change, but I'm hopeful that this
approach should work for the foreseeable future.
--
paul moore
www.paul-moore.com
ossible.
While I'm sympathetic to your desire for less complexity and better
performance in passing security labels, from a kernel perspective I
think we lose too much in exporting the secid tokens outside the LSM.
--
paul moore
www.paul-moore.com
handling
security/selinux/ss/conditional.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--
paul moore
security @ redhat
.
The bulk of this patch is moving the CONFIG_AUDIT block ahead of the
CONFIG_AUDITSYSCALL block in include/linux/audit.h; the only real
code change was in the audit_seccomp() definition.
Reported-by: Tony Jones <to...@suse.de>
Signed-off-by: Paul Moore <pmo...@redhat.com>
---
include/l
On Mon, Nov 23, 2015 at 5:20 PM, Tony Jones <to...@suse.de> wrote:
> On 11/23/2015 02:20 PM, Paul Moore wrote:
>> Previously we were emitting seccomp audit records regardless of the
>> audit_enabled setting, a departure from the rest of audit. This
>> patch makes
-secnext
--
paul moore
www.paul-moore.com
tle busy lately with the merge window and now some -rc1 testing.
--
paul moore
www.paul-moore.com
;sclass - 1].name,
> +task_pid_nr(current), current->comm);
> if (!selinux_enforcing || security_get_allow_unknown())
> err = 0;
> }
--
paul moore
www.paul-moore.com
ited("SELinux: unrecognized netlink"
" message: protocol=%hu nlmsg_type=%hu sclass=%s"
" pig=%d comm=%s\n",
sk->sk_protocol, nlh->nlmsg_type,
secclass_map[sksec->sclass - 1].name,
ncontext,
> + tcontext,
> + tclass);
> goto out;
> }
> constraint = co
NODE(sock));
> + isec = inode_security_novalidate(SOCK_INODE(sock));
> newisec->sclass = isec->sclass;
> newisec->sid = isec->sid;
> newisec->initialized = LABEL_INITIALIZED;
> @@ -4620,7 +4679,8 @@ static void selinux_sk_getsecid(struct sock *s
ses, right?
>
> I guess, yes.
There is no time like the present. All the patches look fine to me,
but I think it would be good to add the additional
inode_security_novalidate() calls. If you want, you can just post a
"8/7" patch with the extra calls added and I'll apply that on top
On Tuesday, October 20, 2015 04:41:14 PM Stephen Smalley wrote:
> On Mon, Oct 19, 2015 at 6:29 PM, Paul Moore <pmo...@redhat.com> wrote:
> > On Friday, October 09, 2015 10:56:12 AM Stephen Smalley wrote:
> >> On 10/07/2015 07:08 PM, Paul Moore wrote:
> >> > d
file_security_struct
(2015-10-21 17:44:30 -0400)
Geliang Tang (1):
selinux: ioctl_has_perm should be static
Jeff Vander Stoep (1):
selinux: do not check open perm on ftruncate call
Paul Moore (1):
selinux
On Friday, October 09, 2015 10:56:12 AM Stephen Smalley wrote:
> On 10/07/2015 07:08 PM, Paul Moore wrote:
> > diff --git a/ipc/kdbus/connection.c b/ipc/kdbus/connection.c
> > index ef63d65..1cb87b3 100644
> > --- a/ipc/kdbus/connection.c
> > +++ b/ipc/kdbus/connect
ght be useful as the normal behavior has been altered; I
tend to think any action != ALLOW is worth logging. However, I'm open
to discussion on this if others feel strongly.
>> + if (audit_enabled && (signr || unlikely(!audit_dummy_context(
>> _
s from Opera, that is something that most likely warrants some closer
inspection. Are all the records the same/similar? Can you paste some into
email?
--
paul moore
www.paul-moore.com
My apologies for the resend, I had the wrong email for Kees.
On Monday, October 12, 2015 11:29:43 AM Paul Moore wrote:
> On Friday, October 09, 2015 08:50:01 PM Tony Jones wrote:
> > Hi.
> >
> > What is the expected handling of AUDIT_SECCOMP if audit_enabled == 0?
> &
On Friday, October 09, 2015 04:17:17 PM Stephen Smalley wrote:
> On 10/09/2015 11:39 AM, Paul Moore wrote:
> > On Friday, October 09, 2015 11:05:58 AM Stephen Smalley wrote:
> >> On 10/07/2015 07:08 PM, Paul Moore wrote:
> >>> +static int selinux_kdbus_
On Friday, October 09, 2015 10:31:07 AM Stephen Smalley wrote:
> mode still remains
Yes it does, it looks like I went a little crazy with the Ctrl-K ... thanks
for the review, it will be fixed in the next draft.
--
paul moore
security @ redhat
On Friday, October 09, 2015 11:05:58 AM Stephen Smalley wrote:
> On 10/07/2015 07:08 PM, Paul Moore wrote:
> > +static int selinux_kdbus_init_inode(struct inode *inode,
> > + const struct cred *creds)
> > +{
> > + struct inode_se
On Wednesday, October 07, 2015 07:08:48 PM Paul Moore wrote:
> +static int selinux_kdbus_conn_see_notification(const struct cred *creds)
> +{
> + return avc_has_perm(SECINITSID_KERNEL, cred_sid(creds),
> + SECCLASS_KDBUS, KDBUS__SEE_NOTIFI
sizeof(struct file_security_struct),
> + 0, SLAB_PANIC, NULL);
> avc_init();
>
> security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks));
--
paul moore
www.paul-moore.com
developers and reduce the size of the resulting policy.
Signed-off-by: Paul Moore <pmo...@redhat.com>
---
ChangeLog:
- v3
* Ported to the 4.3-rc4 based kdbus tree, v2 hacks removed
- v2
* Porting needed to work with ioctl xperms
- v1
* Initial draft
---
security/selinux/include/security.h
areas of the previous kdbus code except for areas where the
uid/gid was never set beyond the basic initialization to zero/root;
I expect this was a bug that was never caught as the node creator in
these cases was always expected to be root.
Signed-off-by: Paul Moore <pmo...@redhat.com>
---
Cha
The kdbus service names will be recorded using 'service', similar to
the existing dbus audit records.
Signed-off-by: Paul Moore <pmo...@redhat.com>
---
ChangeLog:
- v3
* Ported to the 4.3-rc4 based kdbus tree
- v2
* Initial draft
---
include/linux/lsm_audit.h |2 ++
security/lsm_a
No real functional improvements since the v2 patchset earlier this
week, the main update is rebasing on GregKH's current kdbus tree
which is now 4.3-rc4 based and as a result brings the LSM stacking
changes and SELinux ioctl/xperm additions.
---
Paul Moore (5):
kdbus: add creator
On Tuesday, October 06, 2015 08:55:33 PM Nicolas Iooss wrote:
> On 10/05/2015 10:41 PM, Paul Moore wrote:
> > Add the SELinux access control implementation for the new kdbus LSM
>
> > hooks using the new kdbus object class and the following permissions:
> [[SNIP]]
>
&
developers and reduce the size of the resulting policy.
Signed-off-by: Paul Moore <pmo...@redhat.com>
---
ChangeLog:
- v2
* Porting needed to work with ioctl xperms
- v1
* Initial draft
---
security/selinux/include/security.h |5 ++
security/selinux/ss/policydb.c
The kdbus service names will be recorded using 'service', similar to
the existing dbus audit records.
Signed-off-by: Paul Moore <pmo...@redhat.com>
---
ChangeLog:
- v2
* Initial draft
---
include/linux/lsm_audit.h |2 ++
security/lsm_audit.c |4
2 files changed, 6 inse
.
* kdbus:see_notification
See a kdbus notification.
Signed-off-by: Paul Moore <pmo...@redhat.com>
---
ChangeLog:
- v2
* Add the selinux_kdbus_init_inode() hook
* Add some very basic info on the permissions to the description
* Add kdbus service name auditing in the AVC records
- v1
* Initial
On Thursday, August 13, 2015 04:40:52 PM Steve Grubb wrote:
> On Wednesday, August 12, 2015 10:48:10 PM Paul Moore wrote:
> > On Wednesday, August 12, 2015 05:38:14 PM Steve Grubb wrote:
> > > On Wednesday, August 12, 2015 08:40:34 AM Paul Moore wrote:
> > > > H
; - GFP_KERNEL);
> + length = security_context_str_to_sid(tcon, , GFP_KERNEL);
> if (length)
> goto out;
>
> diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
> index b7df12ba6
,7 @@ static int selinux_inode_setsecurity(struct inode
> *inode, const char *name, if (!value || !size)
> return -EACCES;
>
> - rc = security_context_to_sid((void *)value, size, , GFP_KERNEL);
> + rc = security_context_to_sid(value, size, , GFP_KERNEL);
&
*scontext = scontextp;
> goto out;
> }
--
paul moore
www.paul-moore.com
> name_len);
> - (*names)[i][name_len - 1] = 0;
> }
> rc = 0;
> out:
--
paul moore
www.paul-moore.com
t;role - 1),
> sym_name(, SYM_TYPES, context->type - 1));
> - scontextp += strlen(sym_name(, SYM_USERS, context->user - 1)) +
> - 1 + strlen(sym_name(, SYM_ROLES, context->role -
> 1)) +
> - 1 + strlen(sym_name(
to minimize merge issues was a better decision. These patches
applied to 2.6.24 do compile, boot, and run without any known
regressions.
--
paul moore
linux security @ hp
On Tuesday 29 January 2008 7:43:11 pm James Morris wrote:
On Tue, 29 Jan 2008, Paul Moore wrote:
That seems reasonable. By the way, this isn't really related, but is it
possible to change the NF_IP_PRI_SELINUX_* constants to
NF_IP_PRI_SECURITY_* for the sake of consistency or are those
changes at
once.
As a general rule, removing functionality from the kernel tends to be
much more difficult than adding it.
--
paul moore
linux security @ hp
(secattr);
+ rc = smack_netlabel(sk);
I haven't checked the latest SMACK bits, but I'm pretty sure you don't
need to assign the return value of 'smack_netlabel()' to anything here
since the function doesn't return a value.
}
/**
--
paul moore
linux security @ hp
thanks to Venkat Yekkirala [EMAIL PROTECTED] whose earlier
work on this topic eventually led to this patch.
Signed-off-by: Paul Moore [EMAIL PROTECTED]
---
security/selinux/hooks.c | 402 --
1 files changed, 280 insertions(+), 122 deletions(-)
diff
This patch adds auditing support to the NetLabel static labeling mechanism.
Signed-off-by: Paul Moore [EMAIL PROTECTED]
---
include/linux/audit.h |2
net/netlabel/netlabel_unlabeled.c | 207 ++---
2 files changed, 195 insertions(+), 14 deletions
the netlabel_tools package. The matching security label is
returned to the caller just as if the packet was explicitly labeled using a
labeling protocol.
Signed-off-by: Paul Moore [EMAIL PROTECTED]
---
include/net/netlabel.h|6
net/netlabel/netlabel_kapi.c | 16
net/netlabel
.
Signed-off-by: Paul Moore [EMAIL PROTECTED]
---
security/selinux/include/av_perm_to_string.h |9 +
security/selinux/include/av_permissions.h|9 +
security/selinux/include/class_to_string.h |7 +++
security/selinux/include/flask.h |1 +
4 files
Instead of storing the packet's network interface name store the ifindex. This
allows us to defer the need to lookup the net_device structure until the audit
record is generated meaning that in the majority of cases we never need to
bother with this at all.
Signed-off-by: Paul Moore [EMAIL
-by: Paul Moore [EMAIL PROTECTED]
---
include/net/netlabel.h |2 ++
net/netlabel/netlabel_kapi.c|2 ++
security/selinux/hooks.c| 33 ++---
security/selinux/include/netlabel.h |8 +++-
security/selinux/netlabel.c
of the
NetLabel kernel API.
Signed-off-by: Paul Moore [EMAIL PROTECTED]
---
include/net/netlabel.h| 91 ++---
net/ipv4/cipso_ipv4.c | 59 +++-
net/netlabel/netlabel_unlabeled.c |1
security/selinux/ss/mls.c | 10
entry with the
hash/mapping table spinlock.
Signed-off-by: Paul Moore [EMAIL PROTECTED]
---
net/netlabel/netlabel_domainhash.c | 30 +-
1 files changed, 9 insertions(+), 21 deletions(-)
diff --git a/net/netlabel/netlabel_domainhash.c
b/net/netlabel
-by: Paul Moore [EMAIL PROTECTED]
---
net/netlabel/netlabel_domainhash.c | 47 ++--
1 files changed, 34 insertions(+), 13 deletions(-)
diff --git a/net/netlabel/netlabel_domainhash.c
b/net/netlabel/netlabel_domainhash.c
index b3675bd..1f8f7ac 100644
--- a/net
This patch removes some unneeded RCU read locks as we can treat the reads as
safe even without RCU. It also converts the NetLabel configuration refcount
from a spinlock protected u32 into atomic_t to be more consistent with the rest
of the kernel.
Signed-off-by: Paul Moore [EMAIL PROTECTED
://git.infradead.org/?p=users/pcmoore/lblnet-2.6_testing
--
paul moore
linux security @ hp
is not the case.
Signed-off-by: Paul Moore [EMAIL PROTECTED]
---
include/linux/selinux.h | 45 +++---
net/netfilter/xt_SECMARK.c | 13 ++-
security/selinux/exports.c | 20 +++--
security/selinux/hooks.c| 46
Currently network traffic can be silently dropped due to non-avc errors which
can lead to much confusion when trying to debug the problem. This patch adds
warning messages so that when these events occur there is a user visible
notification.
Signed-off-by: Paul Moore [EMAIL PROTECTED
On Wednesday 16 January 2008 5:13:53 pm James Morris wrote:
On Wed, 16 Jan 2008, Paul Moore wrote:
On Tuesday 15 January 2008 8:05:27 pm James Morris wrote:
On Tue, 15 Jan 2008, David Howells wrote:
secid_to_secctx() LSM hook. This patch also includes the SELinux
implementation
to Valdis for reporting the problem over the
holidays. In order to help spot similar problems in the future I added some
warning messages to the SELinux network code to eliminate these silent drops.
If you run into any problems or have any comments please let me know.
Thanks.
--
paul moore
Add a secctx_to_secid() LSM hook to go along with the existing
secid_to_secctx() LSM hook. This patch also includes the SELinux
implementation for this hook.
Signed-off-by: Paul Moore [EMAIL PROTECTED]
Acked-by: Stephen Smalley [EMAIL PROTECTED]
---
include/linux/security.h | 13
unwanted
overhead and complicating the security policy.
Signed-off-by: Paul Moore [EMAIL PROTECTED]
---
include/linux/security.h | 11 +++
net/ipv4/ip_output.c |7 +++
net/ipv6/ip6_output.c|5 +
security/dummy.c |8 +++-
security/security.c
back
through the network stack. This patch corrects this problem by properly
copying the 'iif' field in __skb_clone() and removing the 'iif' field
assignment from skb_act_clone() since it is no longer needed.
Also, while we are here, get rid of that silly C() macro.
Signed-off-by: Paul Moore
Add a new policy capabilities bitmap to SELinux policy version 22. This bitmap
will enable the security server to query the policy to determine which features
it supports.
Signed-off-by: Paul Moore [EMAIL PROTECTED]
---
security/selinux/Kconfig|2 -
security/selinux/include
Add additional Flask definitions to support the new peer object class and
additional permissions to the netif and node object classes.
Signed-off-by: Paul Moore [EMAIL PROTECTED]
---
security/selinux/include/av_perm_to_string.h |5 +
security/selinux/include/av_permissions.h|5
labels.
As part of this work the inbound packet permission check code has been heavily
modified to handle both the old and new behavior in as sane a fashion as
possible.
Signed-off-by: Paul Moore [EMAIL PROTECTED]
---
security/selinux/hooks.c| 204
-by: Paul Moore [EMAIL PROTECTED]
---
security/selinux/hooks.c|6 --
security/selinux/include/netlabel.h |2 -
security/selinux/include/security.h |2 -
security/selinux/netlabel.c | 55 ++--
security/selinux/ss/services.c | 124
thanks to Venkat Yekkirala [EMAIL PROTECTED] whose earlier
work on this topic eventually led to this patch.
Signed-off-by: Paul Moore [EMAIL PROTECTED]
---
security/selinux/hooks.c | 347 --
1 files changed, 240 insertions(+), 107 deletions(-)
diff
removes the default message SID from the network interface record, it is
not being used and therefore is dead code.
Signed-off-by: Paul Moore [EMAIL PROTECTED]
---
security/selinux/hooks.c|4 -
security/selinux/include/netif.h|4 -
security/selinux/include/objsec.h |5
available here:
* git://git.infradead.org/users/pcmoore/lblnet-2.6_testing
--
paul moore
linux security @ hp
On Friday 21 December 2007 12:36:15 pm Stephen Smalley wrote:
On Fri, 2007-12-21 at 12:09 -0500, Paul Moore wrote:
Add additional Flask definitions to support the new peer object class
and additional permissions to the netif and node object classes.
Signed-off-by: Paul Moore [EMAIL
On Tuesday 18 December 2007 3:25:54 am James Morris wrote:
On Fri, 14 Dec 2007, Paul Moore wrote:
Add a secctx_to_secid() LSM hook to go along with the existing
secid_to_secctx() LSM hook. This patch also includes the SELinux
implementation for this hook.
Please sign off your patches
On Monday 17 December 2007 3:05:37 pm Stephen Smalley wrote:
On Sun, 2007-12-16 at 11:47 -0500, Paul Moore wrote:
We should probably have different permissions for the interface and node
cases. Take the example of an admin who is only interested in enforcing
interface controls and not node
On Tuesday 18 December 2007 10:14:41 am Stephen Smalley wrote:
On Tue, 2007-12-18 at 08:59 -0500, Paul Moore wrote:
Thoughts? Should I just forget all this and use the peer label as a
subject label?
I'm not certain what we gain by using the peer as the object and class
in these checks
On Monday 17 December 2007 2:45:50 pm Stephen Smalley wrote:
On Fri, 2007-12-14 at 16:50 -0500, Paul Moore wrote:
Add an inet_sys_snd_skb() LSM hook to allow the LSM to provide packet
level access control for all outbound packets. Using the existing
postroute_last netfilter hook turns out
On Monday 17 December 2007 2:56:41 pm Stephen Smalley wrote:
On Fri, 2007-12-14 at 16:50 -0500, Paul Moore wrote:
/* Initialize an AVC audit data structure. */
#define AVC_AUDIT_DATA_INIT(_d,_t) \
-{ memset((_d), 0, sizeof(struct avc_audit_data)); (_d)-type =
AVC_AUDIT_DATA_##_t
On Monday 17 December 2007 3:35:28 pm Stephen Smalley wrote:
On Fri, 2007-12-14 at 16:50 -0500, Paul Moore wrote:
This patch adds a SELinux IP address/node SID caching mechanism similar
to the sel_netif_*() functions. The node SID queries in the SELinux
hooks files are also modified
On Monday 17 December 2007 3:05:37 pm Stephen Smalley wrote:
On Sun, 2007-12-16 at 11:47 -0500, Paul Moore wrote:
On Friday 14 December 2007 4:51:29 pm Paul Moore wrote:
This patch implements packet ingress/egress controls for SELinux which
allow SELinux security policy to control
On Friday 14 December 2007 4:51:29 pm Paul Moore wrote:
This patch implements packet ingress/egress controls for SELinux which
allow SELinux security policy to control the flow of all IPv4 and IPv6
packets into and out of the system. Currently SELinux does not have proper
control over
Add a secctx_to_secid() LSM hook to go along with the existing
secid_to_secctx() LSM hook. This patch also includes the SELinux
implementation for this hook.
---
include/linux/security.h | 13 +
security/dummy.c |6 ++
security/security.c |6 ++
Instead of storing the packet's network interface name store the ifindex. This
allows us to defer the need to lookup the net_device structure until the audit
record is generated meaning that in the majority of cases we never need to
bother with this at all.
---
security/selinux/avc.c |
Add additional Flask definitions to support the new peer object class.
---
security/selinux/include/av_perm_to_string.h |3 +++
security/selinux/include/av_permissions.h|3 +++
security/selinux/include/class_to_string.h |7 +++
security/selinux/include/flask.h |
1 - 100 of 156 matches