Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
L
linux
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
linux
Commits
b797f128
Commit
b797f128
authored
Feb 18, 2004
by
James Morris
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
[SELINUX]: Event notifications via netlink.
parent
f7c908de
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
8 additions
and
1 deletion
+8
-1
include/linux/netlink.h
include/linux/netlink.h
+1
-0
security/selinux/Makefile
security/selinux/Makefile
+1
-1
security/selinux/selinuxfs.c
security/selinux/selinuxfs.c
+3
-0
security/selinux/ss/services.c
security/selinux/ss/services.c
+3
-0
No files found.
include/linux/netlink.h
View file @
b797f128
...
@@ -11,6 +11,7 @@
...
@@ -11,6 +11,7 @@
#define NETLINK_TCPDIAG 4
/* TCP socket monitoring */
#define NETLINK_TCPDIAG 4
/* TCP socket monitoring */
#define NETLINK_NFLOG 5
/* netfilter/iptables ULOG */
#define NETLINK_NFLOG 5
/* netfilter/iptables ULOG */
#define NETLINK_XFRM 6
/* ipsec */
#define NETLINK_XFRM 6
/* ipsec */
#define NETLINK_SELINUX 7
/* SELinux event notifications */
#define NETLINK_ARPD 8
#define NETLINK_ARPD 8
#define NETLINK_ROUTE6 11
/* af_inet6 route comm channel */
#define NETLINK_ROUTE6 11
/* af_inet6 route comm channel */
#define NETLINK_IP6_FW 13
#define NETLINK_IP6_FW 13
...
...
security/selinux/Makefile
View file @
b797f128
...
@@ -4,7 +4,7 @@
...
@@ -4,7 +4,7 @@
obj-$(CONFIG_SECURITY_SELINUX)
:=
selinux.o ss/
obj-$(CONFIG_SECURITY_SELINUX)
:=
selinux.o ss/
selinux-y
:=
avc.o hooks.o selinuxfs.o
selinux-y
:=
avc.o hooks.o selinuxfs.o
netlink.o
selinux-$(CONFIG_SECURITY_NETWORK)
+=
netif.o
selinux-$(CONFIG_SECURITY_NETWORK)
+=
netif.o
...
...
security/selinux/selinuxfs.c
View file @
b797f128
...
@@ -17,6 +17,8 @@
...
@@ -17,6 +17,8 @@
#include "security.h"
#include "security.h"
#include "objsec.h"
#include "objsec.h"
extern
void
selnl_notify_setenforce
(
int
val
);
/* Check whether a task is allowed to use a security operation. */
/* Check whether a task is allowed to use a security operation. */
int
task_has_security
(
struct
task_struct
*
tsk
,
int
task_has_security
(
struct
task_struct
*
tsk
,
u32
perms
)
u32
perms
)
...
@@ -111,6 +113,7 @@ static ssize_t sel_write_enforce(struct file * file, const char * buf,
...
@@ -111,6 +113,7 @@ static ssize_t sel_write_enforce(struct file * file, const char * buf,
selinux_enforcing
=
new_value
;
selinux_enforcing
=
new_value
;
if
(
selinux_enforcing
)
if
(
selinux_enforcing
)
avc_ss_reset
(
0
);
avc_ss_reset
(
0
);
selnl_notify_setenforce
(
selinux_enforcing
);
}
}
length
=
count
;
length
=
count
;
out:
out:
...
...
security/selinux/ss/services.c
View file @
b797f128
...
@@ -28,6 +28,8 @@
...
@@ -28,6 +28,8 @@
#include "services.h"
#include "services.h"
#include "mls.h"
#include "mls.h"
extern
void
selnl_notify_policyload
(
u32
seqno
);
static
rwlock_t
policy_rwlock
=
RW_LOCK_UNLOCKED
;
static
rwlock_t
policy_rwlock
=
RW_LOCK_UNLOCKED
;
#define POLICY_RDLOCK read_lock(&policy_rwlock)
#define POLICY_RDLOCK read_lock(&policy_rwlock)
#define POLICY_WRLOCK write_lock_irq(&policy_rwlock)
#define POLICY_WRLOCK write_lock_irq(&policy_rwlock)
...
@@ -1052,6 +1054,7 @@ int security_load_policy(void *data, size_t len)
...
@@ -1052,6 +1054,7 @@ int security_load_policy(void *data, size_t len)
sidtab_destroy
(
&
oldsidtab
);
sidtab_destroy
(
&
oldsidtab
);
avc_ss_reset
(
seqno
);
avc_ss_reset
(
seqno
);
selnl_notify_policyload
(
seqno
);
return
0
;
return
0
;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment