linux_dsm_epyc7002/security/selinux/include
Stephen Smalley 79af73079d Add security hooks to binder and implement the hooks for SELinux.
Add security hooks to the binder and implement the hooks for SELinux.
The security hooks enable security modules such as SELinux to implement
controls over binder IPC.  The security hooks include support for
controlling what process can become the binder context manager
(binder_set_context_mgr), controlling the ability of a process
to invoke a binder transaction/IPC to another process (binder_transaction),
controlling the ability of a process to transfer a binder reference to
another process (binder_transfer_binder), and controlling the ability
of a process to transfer an open file to another process (binder_transfer_file).

These hooks have been included in the Android kernel trees since Android 4.3.

(Updated to reflect upstream relocation and changes to the binder driver,
changes to the LSM audit data structures, coding style cleanups, and
to add inline documentation for the hooks).

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Nick Kralevich <nnk@google.com>
Acked-by: Jeffrey Vander Stoep <jeffv@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2015-01-25 09:17:57 -08:00
..
audit.h SELinux: keep the code clean formating and syntax 2008-07-14 15:01:36 +10:00
avc_ss.h selinux: sparse fix: fix several warnings in the security server code 2011-09-09 16:56:32 -07:00
avc.h selinux: Report permissive mode in avc: denied messages. 2014-06-03 14:21:48 -05:00
classmap.h Add security hooks to binder and implement the hooks for SELinux. 2015-01-25 09:17:57 -08:00
conditional.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
initial_sid_to_string.h selinux: const strings in tables 2010-03-08 09:33:53 +11:00
netif.h selinux: make the netif cache namespace aware 2014-09-10 17:09:57 -04:00
netlabel.h doc: Update the email address for Paul Moore in various source files 2011-08-01 17:58:33 -07:00
netnode.h selinux: reduce the number of calls to synchronize_net() when flushing caches 2014-06-26 14:33:56 -04:00
netport.h selinux: reduce the number of calls to synchronize_net() when flushing caches 2014-06-26 14:33:56 -04:00
objsec.h selinux: make the netif cache namespace aware 2014-09-10 17:09:57 -04:00
security.h security: Used macros from compiler.h instead of __attribute__((...)) 2014-06-18 16:59:34 -04:00
xfrm.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-03-25 20:29:20 -04:00