On Sunday 11 November 2007 5:34:27 pm James Morris wrote:
On Fri, 9 Nov 2007, Paul Moore wrote:
+ /* Between selinux_compat_net and selinux_policycap_netpeer this is
+* starting to get a bit messy - we need to setup a timetable for
+* deprecating some of this old/obsolete
On Fri, 9 Nov 2007, Paul Moore wrote:
+ /* Between selinux_compat_net and selinux_policycap_netpeer this is
+ * starting to get a bit messy - we need to setup a timetable for
+ * deprecating some of this old/obsolete functionality so we can
+ * reclaim some level of sanity
Rename the existing selinux_skb_extlbl_sid() function to
selinux_skb_peerlbl_sid() and modify it's behavior such that it now reconciles
multiple peer/external labels and if reconciliation is not possible it returns
an error to the caller.
---
security/selinux/hooks.c| 94