projects / platform / kernel / linux-arm64.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 227b239) | patch
Security: Add Hook to test if the particular xattr is part of a MAC model.
authorDavid Quigley <dpquigl@davequigley.com>
Wed, 22 May 2013 16:50:35 +0000 (12:50 -0400)
committerChanho Park <parkch98@gmail.com>
Fri, 23 Jan 2015 14:21:43 +0000 (23:21 +0900)
commit78d1e2449eadc7fc0453846837cb3335d565b523
tree4599ac1594684c433719c9bd2bcf841af6a2b4actree | snapshot
parent227b2393a2cea785031be1b5aa6db6fa7dfa4f03commit | diff
Security: Add Hook to test if the particular xattr is part of a MAC model.

The interface to request security labels from user space is the xattr
interface. When requesting the security label from an NFS server it is
important to make sure the requested xattr actually is a MAC label. This allows
us to make sure that we get the desired semantics from the attribute instead of
something else such as capabilities or a time based LSM.

Change-Id: I283f116953f958877826ba772661b5755986ac99
Acked-by: Eric Paris <eparis@redhat.com>
Acked-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: Matthew N. Dodd <Matthew.Dodd@sparta.com>
Signed-off-by: Miguel Rodel Felipe <Rodel_FM@dsi.a-star.edu.sg>
Signed-off-by: Phua Eu Gene <PHUA_Eu_Gene@dsi.a-star.edu.sg>
Signed-off-by: Khin Mi Mi Aung <Mi_Mi_AUNG@dsi.a-star.edu.sg>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Ɓukasz Stelmach <l.stelmach@samsung.com>
include/linux/security.h diff | blob | history
security/capability.c diff | blob | history
security/security.c diff | blob | history
security/selinux/hooks.c diff | blob | history
security/smack/smack_lsm.c diff | blob | history
Domain: System / Kernel;