On Thu, May 13, 2021 at 4:24 PM Casey Schaufler <[email protected]> wrote: > > Add a new lsmcontext data structure to hold all the information > about a "security context", including the string, its size and > which LSM allocated the string. The allocation information is > necessary because LSMs have different policies regarding the > lifecycle of these strings. SELinux allocates and destroys > them on each use, whereas Smack provides a pointer to an entry > in a list that never goes away. > > Reviewed-by: Kees Cook <[email protected]> > Reviewed-by: John Johansen <[email protected]> > Acked-by: Stephen Smalley <[email protected]> > Acked-by: Chuck Lever <[email protected]> > Signed-off-by: Casey Schaufler <[email protected]> > Cc: [email protected] > Cc: [email protected] > Cc: [email protected] > Cc: [email protected] > To: Pablo Neira Ayuso <[email protected]> > Cc: [email protected] > --- > drivers/android/binder.c | 10 ++++--- > fs/ceph/xattr.c | 6 ++++- > fs/nfs/nfs4proc.c | 8 ++++-- > fs/nfsd/nfs4xdr.c | 7 +++-- > include/linux/security.h | 35 +++++++++++++++++++++++-- > include/net/scm.h | 5 +++- > kernel/audit.c | 14 +++++++--- > kernel/auditsc.c | 12 ++++++--- > net/ipv4/ip_sockglue.c | 4 ++- > net/netfilter/nf_conntrack_netlink.c | 4 ++- > net/netfilter/nf_conntrack_standalone.c | 4 ++- > net/netfilter/nfnetlink_queue.c | 13 ++++++--- > net/netlabel/netlabel_unlabeled.c | 19 +++++++++++--- > net/netlabel/netlabel_user.c | 4 ++- > security/security.c | 11 ++++---- > 15 files changed, 121 insertions(+), 35 deletions(-)
Acked-by: Paul Moore <[email protected]> -- paul moore www.paul-moore.com -- Linux-audit mailing list [email protected] https://listman.redhat.com/mailman/listinfo/linux-audit
