review.tizen.org Git - platform/kernel/linux-3.10.git/commit

author	David Quigley <dpquigl@davequigley.com>
	Wed, 22 May 2013 16:50:35 +0000 (12:50 -0400)
committer	Marek Szyprowski <m.szyprowski@samsung.com>
	Thu, 15 May 2014 05:25:46 +0000 (07:25 +0200)
commit	3c42263fa5ab129043263fd169c978365bc04ab5
tree	c12891845d5d9cebfa63ee774608a60f68a47b18	tree \| snapshot
parent	25834301db2b179af34a5029f505d6eb115a3a7b	commit \| diff

Security: Add Hook to test if the particular xattr is part of a MAC model.

The interface to request security labels from user space is the xattr
interface. When requesting the security label from an NFS server it is
important to make sure the requested xattr actually is a MAC label. This allows
us to make sure that we get the desired semantics from the attribute instead of
something else such as capabilities or a time based LSM.

Change-Id: I283f116953f958877826ba772661b5755986ac99
Acked-by: Eric Paris <eparis@redhat.com>
Acked-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: Matthew N. Dodd <Matthew.Dodd@sparta.com>
Signed-off-by: Miguel Rodel Felipe <Rodel_FM@dsi.a-star.edu.sg>
Signed-off-by: Phua Eu Gene <PHUA_Eu_Gene@dsi.a-star.edu.sg>
Signed-off-by: Khin Mi Mi Aung <Mi_Mi_AUNG@dsi.a-star.edu.sg>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>

include/linux/security.h		diff \| blob \| history
security/capability.c		diff \| blob \| history
security/security.c		diff \| blob \| history
security/selinux/hooks.c		diff \| blob \| history
security/smack/smack_lsm.c		diff \| blob \| history