linux_dsm_epyc7002/security
Paul Moore 220deb966e SELinux: Better integration between peer labeling subsystems
Rework the handling of network peer labels so that the different peer labeling
subsystems work better together.  This includes moving both subsystems to a
single "peer" object class which involves not only changes to the permission
checks but an improved method of consolidating multiple packet peer labels.
As part of this work the inbound packet permission check code has been heavily
modified to handle both the old and new behavior in as sane a fashion as
possible.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
2008-01-30 08:17:25 +11:00
..
keys security/selinux: constify function pointer tables and fields 2008-01-25 11:29:54 +11:00
selinux SELinux: Better integration between peer labeling subsystems 2008-01-30 08:17:25 +11:00
capability.c Implement file posix capabilities 2007-10-17 08:43:07 -07:00
commoncap.c Fix filesystem capability support 2008-01-21 19:39:41 -08:00
dummy.c security: add a secctx_to_secid() hook 2008-01-25 11:29:53 +11:00
inode.c Kobject: convert remaining kobject_unregister() to kobject_put() 2008-01-24 20:40:40 -08:00
Kconfig Implement file posix capabilities 2007-10-17 08:43:07 -07:00
Makefile [PATCH] LSM: remove BSD secure level security module 2006-09-29 09:18:10 -07:00
root_plug.c security: Convert LSM into a static interface 2007-10-17 08:43:07 -07:00
security.c security: add a secctx_to_secid() hook 2008-01-25 11:29:53 +11:00