Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
L
linux
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
linux
Commits
b797f128
Commit
b797f128
authored
Feb 18, 2004
by
James Morris
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
[SELINUX]: Event notifications via netlink.
parent
f7c908de
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
8 additions
and
1 deletion
+8
-1
include/linux/netlink.h
include/linux/netlink.h
+1
-0
security/selinux/Makefile
security/selinux/Makefile
+1
-1
security/selinux/selinuxfs.c
security/selinux/selinuxfs.c
+3
-0
security/selinux/ss/services.c
security/selinux/ss/services.c
+3
-0
No files found.
include/linux/netlink.h
View file @
b797f128
...
@@ -11,6 +11,7 @@
...
@@ -11,6 +11,7 @@
#define NETLINK_TCPDIAG 4
/* TCP socket monitoring */
#define NETLINK_TCPDIAG 4
/* TCP socket monitoring */
#define NETLINK_NFLOG 5
/* netfilter/iptables ULOG */
#define NETLINK_NFLOG 5
/* netfilter/iptables ULOG */
#define NETLINK_XFRM 6
/* ipsec */
#define NETLINK_XFRM 6
/* ipsec */
#define NETLINK_SELINUX 7
/* SELinux event notifications */
#define NETLINK_ARPD 8
#define NETLINK_ARPD 8
#define NETLINK_ROUTE6 11
/* af_inet6 route comm channel */
#define NETLINK_ROUTE6 11
/* af_inet6 route comm channel */
#define NETLINK_IP6_FW 13
#define NETLINK_IP6_FW 13
...
...
security/selinux/Makefile
View file @
b797f128
...
@@ -4,7 +4,7 @@
...
@@ -4,7 +4,7 @@
obj-$(CONFIG_SECURITY_SELINUX)
:=
selinux.o ss/
obj-$(CONFIG_SECURITY_SELINUX)
:=
selinux.o ss/
selinux-y
:=
avc.o hooks.o selinuxfs.o
selinux-y
:=
avc.o hooks.o selinuxfs.o
netlink.o
selinux-$(CONFIG_SECURITY_NETWORK)
+=
netif.o
selinux-$(CONFIG_SECURITY_NETWORK)
+=
netif.o
...
...
security/selinux/selinuxfs.c
View file @
b797f128
...
@@ -17,6 +17,8 @@
...
@@ -17,6 +17,8 @@
#include "security.h"
#include "security.h"
#include "objsec.h"
#include "objsec.h"
extern
void
selnl_notify_setenforce
(
int
val
);
/* Check whether a task is allowed to use a security operation. */
/* Check whether a task is allowed to use a security operation. */
int
task_has_security
(
struct
task_struct
*
tsk
,
int
task_has_security
(
struct
task_struct
*
tsk
,
u32
perms
)
u32
perms
)
...
@@ -111,6 +113,7 @@ static ssize_t sel_write_enforce(struct file * file, const char * buf,
...
@@ -111,6 +113,7 @@ static ssize_t sel_write_enforce(struct file * file, const char * buf,
selinux_enforcing
=
new_value
;
selinux_enforcing
=
new_value
;
if
(
selinux_enforcing
)
if
(
selinux_enforcing
)
avc_ss_reset
(
0
);
avc_ss_reset
(
0
);
selnl_notify_setenforce
(
selinux_enforcing
);
}
}
length
=
count
;
length
=
count
;
out:
out:
...
...
security/selinux/ss/services.c
View file @
b797f128
...
@@ -28,6 +28,8 @@
...
@@ -28,6 +28,8 @@
#include "services.h"
#include "services.h"
#include "mls.h"
#include "mls.h"
extern
void
selnl_notify_policyload
(
u32
seqno
);
static
rwlock_t
policy_rwlock
=
RW_LOCK_UNLOCKED
;
static
rwlock_t
policy_rwlock
=
RW_LOCK_UNLOCKED
;
#define POLICY_RDLOCK read_lock(&policy_rwlock)
#define POLICY_RDLOCK read_lock(&policy_rwlock)
#define POLICY_WRLOCK write_lock_irq(&policy_rwlock)
#define POLICY_WRLOCK write_lock_irq(&policy_rwlock)
...
@@ -1052,6 +1054,7 @@ int security_load_policy(void *data, size_t len)
...
@@ -1052,6 +1054,7 @@ int security_load_policy(void *data, size_t len)
sidtab_destroy
(
&
oldsidtab
);
sidtab_destroy
(
&
oldsidtab
);
avc_ss_reset
(
seqno
);
avc_ss_reset
(
seqno
);
selnl_notify_policyload
(
seqno
);
return
0
;
return
0
;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment