user/sven/linux.git - Linux Kernel

Age	Commit message (Collapse)	Author
2018-03-01	selinux: wrap global selinux state	Stephen Smalley
	Define a selinux state structure (struct selinux_state) for global SELinux state and pass it explicitly to all security server functions. The public portion of the structure contains state that is used throughout the SELinux code, such as the enforcing mode. The structure also contains a pointer to a selinux_ss structure whose definition is private to the security server and contains security server specific state such as the policy database and SID table. This change should have no effect on SELinux behavior or APIs (userspace or LSM). It merely wraps SELinux state and passes it explicitly as needed. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> [PM: minor fixups needed due to collisions with the SCTP patches] Signed-off-by: Paul Moore <paul@paul-moore.com>
2016-04-14	selinux: Change bool variable name to index.	Prarit Bhargava
	security_get_bool_value(int bool) argument "bool" conflicts with in-kernel macros such as BUILD_BUG(). This patch changes this to index which isn't a type. Cc: Paul Moore <paul@paul-moore.com> Cc: Stephen Smalley <sds@tycho.nsa.gov> Cc: Eric Paris <eparis@parisplace.org> Cc: James Morris <james.l.morris@oracle.com> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: Rasmus Villemoes <linux@rasmusvillemoes.dk> Cc: Andrew Perepechko <anserper@ya.ru> Cc: Jeff Vander Stoep <jeffv@google.com> Cc: selinux@tycho.nsa.gov Cc: Eric Paris <eparis@redhat.com> Cc: Paul Moore <pmoore@redhat.com> Cc: David Howells <dhowells@redhat.com> Signed-off-by: Prarit Bhargava <prarit@redhat.com> Acked-by: David Howells <dhowells@redhat.com> [PM: wrapped description for checkpatch.pl, use "selinux:..." as subj] Signed-off-by: Paul Moore <paul@paul-moore.com>
2004-03-15	[PATCH] selinux: Conditional policy extension and MLS detection support	Andrew Morton
	From: Stephen Smalley <sds@epoch.ncsc.mil> This patch extends the SELinux policy engine to support conditional policy logic based on a set of policy booleans, allowing well-formed changes to the policy to be defined within and mediated by the policy itself. The conditional policy extensions were implemented and contributed by Tresys Technology. Userland packages that support these extensions are already available from nsa.gov/selinux, and backward compatibility is provided for the prior policy version. The patch also includes a small change to enable detection of the optional MLS policy model on a SELinux system and fixes to the conditional policy extensions to allow the MLS policy to work correctly with them that were implemented and contributed by Trusted Computer Solutions.