linux_dsm_epyc7002/security/selinux
Stephen Smalley d313f94830 SELinux: detect dead booleans
Instead of using f_op to detect dead booleans, check the inode index
against the number of booleans and check the dentry name against the
boolean name for that index on reads and writes.  This prevents
incorrect use of a boolean file opened prior to a policy reload while
allowing valid use of it as long as it still corresponds to the same
boolean in the policy.

Signed-off-by:  Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
2007-12-06 00:24:09 +11:00
..
include SELinux: policy selectable handling of unknown classes and perms 2007-10-17 08:59:33 +10:00
ss SELinux: add more validity checks on policy load 2007-11-08 08:56:23 +11:00
avc.c SELinux: Improve read/write performance 2007-10-17 08:59:31 +10:00
exports.c [PATCH] selinux: rename selinux_ctxid_to_string 2006-09-26 08:48:52 -07:00
hooks.c SELinux: always check SIGCHLD in selinux_task_wait 2007-10-23 08:47:48 +10:00
Kconfig Fix trivial typos in Kconfig* files 2007-05-09 07:12:20 +02:00
Makefile SELinux: extract the NetLabel SELinux support from the security server 2007-04-26 01:35:48 -04:00
netif.c [NET]: Make device event notification network namespace safe 2007-10-10 16:49:09 -07:00
netlabel.c SELinux: restore proper NetLabel caching behavior 2007-08-02 11:52:21 -04:00
netlink.c [NET]: Support multiple network namespaces with netlink 2007-10-10 16:49:09 -07:00
nlmsgtab.c Audit: add TTY input auditing 2007-07-16 09:05:47 -07:00
selinuxfs.c SELinux: detect dead booleans 2007-12-06 00:24:09 +11:00
xfrm.c SELinux: suppress a warning for 64k pages. 2007-11-08 08:55:04 +11:00