diff options
| author | Linus Torvalds <torvalds@g5.osdl.org> | 2006-05-02 00:43:05 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-05-02 00:43:05 -0400 |
| commit | 532f57da408c5a5710075d17047e2d97bdfd22f3 (patch) | |
| tree | 3fb378bea1816f637aeeed0df805d0c30969cfc3 /security/selinux/ss/mls.c | |
| parent | 46c5ea3c9ae7fbc6e52a13c92e59d4fc7f4ca80a (diff) | |
| parent | 2ad312d2093ae506ae0fa184d8d026b559083087 (diff) | |
Merge branch 'audit.b10' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current
* 'audit.b10' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current:
[PATCH] Audit Filter Performance
[PATCH] Rework of IPC auditing
[PATCH] More user space subject labels
[PATCH] Reworked patch for labels on user space messages
[PATCH] change lspp ipc auditing
[PATCH] audit inode patch
[PATCH] support for context based audit filtering, part 2
[PATCH] support for context based audit filtering
[PATCH] no need to wank with task_lock() and pinning task down in audit_syscall_exit()
[PATCH] drop task argument of audit_syscall_{entry,exit}
[PATCH] drop gfp_mask in audit_log_exit()
[PATCH] move call of audit_free() into do_exit()
[PATCH] sockaddr patch
[PATCH] deal with deadlocks in audit_free()
Diffstat (limited to 'security/selinux/ss/mls.c')
| -rw-r--r-- | security/selinux/ss/mls.c | 30 |
1 files changed, 29 insertions, 1 deletions
diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c index 84047f69f9c1..7bc5b6440f70 100644 --- a/security/selinux/ss/mls.c +++ b/security/selinux/ss/mls.c | |||
| @@ -8,7 +8,7 @@ | |||
| 8 | * | 8 | * |
| 9 | * Support for enhanced MLS infrastructure. | 9 | * Support for enhanced MLS infrastructure. |
| 10 | * | 10 | * |
| 11 | * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc. | 11 | * Copyright (C) 2004-2006 Trusted Computer Solutions, Inc. |
| 12 | */ | 12 | */ |
| 13 | 13 | ||
| 14 | #include <linux/kernel.h> | 14 | #include <linux/kernel.h> |
| @@ -385,6 +385,34 @@ out: | |||
| 385 | } | 385 | } |
| 386 | 386 | ||
| 387 | /* | 387 | /* |
| 388 | * Set the MLS fields in the security context structure | ||
| 389 | * `context' based on the string representation in | ||
| 390 | * the string `str'. This function will allocate temporary memory with the | ||
| 391 | * given constraints of gfp_mask. | ||
| 392 | */ | ||
| 393 | int mls_from_string(char *str, struct context *context, gfp_t gfp_mask) | ||
| 394 | { | ||
| 395 | char *tmpstr, *freestr; | ||
| 396 | int rc; | ||
| 397 | |||
| 398 | if (!selinux_mls_enabled) | ||
| 399 | return -EINVAL; | ||
| 400 | |||
| 401 | /* we need freestr because mls_context_to_sid will change | ||
| 402 | the value of tmpstr */ | ||
| 403 | tmpstr = freestr = kstrdup(str, gfp_mask); | ||
| 404 | if (!tmpstr) { | ||
| 405 | rc = -ENOMEM; | ||
| 406 | } else { | ||
| 407 | rc = mls_context_to_sid(':', &tmpstr, context, | ||
| 408 | NULL, SECSID_NULL); | ||
| 409 | kfree(freestr); | ||
| 410 | } | ||
| 411 | |||
| 412 | return rc; | ||
| 413 | } | ||
| 414 | |||
| 415 | /* | ||
| 388 | * Copies the effective MLS range from `src' into `dst'. | 416 | * Copies the effective MLS range from `src' into `dst'. |
| 389 | */ | 417 | */ |
| 390 | static inline int mls_scopy_context(struct context *dst, | 418 | static inline int mls_scopy_context(struct context *dst, |