diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2011-03-16 12:15:43 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2011-03-16 12:15:43 -0400 |
| commit | 0f6e0e8448a16d8d22119ce91d8dd24b44865b51 (patch) | |
| tree | 7c295c02db035fc6a0b867465911a2bc9dc6b1ef /scripts | |
| parent | 0d2ecee2bdb2a19d04bc5cefac0f86e790f1aad4 (diff) | |
| parent | a002951c97ff8da49938c982a4c236bf2fafdc9f (diff) | |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (33 commits)
AppArmor: kill unused macros in lsm.c
AppArmor: cleanup generated files correctly
KEYS: Add an iovec version of KEYCTL_INSTANTIATE
KEYS: Add a new keyctl op to reject a key with a specified error code
KEYS: Add a key type op to permit the key description to be vetted
KEYS: Add an RCU payload dereference macro
AppArmor: Cleanup make file to remove cruft and make it easier to read
SELinux: implement the new sb_remount LSM hook
LSM: Pass -o remount options to the LSM
SELinux: Compute SID for the newly created socket
SELinux: Socket retains creator role and MLS attribute
SELinux: Auto-generate security_is_socket_class
TOMOYO: Fix memory leak upon file open.
Revert "selinux: simplify ioctl checking"
selinux: drop unused packet flow permissions
selinux: Fix packet forwarding checks on postrouting
selinux: Fix wrong checks for selinux_policycap_netpeer
selinux: Fix check for xfrm selinux context algorithm
ima: remove unnecessary call to ima_must_measure
IMA: remove IMA imbalance checking
...
Diffstat (limited to 'scripts')
| -rw-r--r-- | scripts/selinux/genheaders/genheaders.c | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/scripts/selinux/genheaders/genheaders.c b/scripts/selinux/genheaders/genheaders.c index 58a12c278706..539855ff31f9 100644 --- a/scripts/selinux/genheaders/genheaders.c +++ b/scripts/selinux/genheaders/genheaders.c | |||
| @@ -43,6 +43,8 @@ int main(int argc, char *argv[]) | |||
| 43 | int i, j, k; | 43 | int i, j, k; |
| 44 | int isids_len; | 44 | int isids_len; |
| 45 | FILE *fout; | 45 | FILE *fout; |
| 46 | const char *needle = "SOCKET"; | ||
| 47 | char *substr; | ||
| 46 | 48 | ||
| 47 | progname = argv[0]; | 49 | progname = argv[0]; |
| 48 | 50 | ||
| @@ -88,6 +90,24 @@ int main(int argc, char *argv[]) | |||
| 88 | fprintf(fout, "%2d\n", i); | 90 | fprintf(fout, "%2d\n", i); |
| 89 | } | 91 | } |
| 90 | fprintf(fout, "\n#define SECINITSID_NUM %d\n", i-1); | 92 | fprintf(fout, "\n#define SECINITSID_NUM %d\n", i-1); |
| 93 | fprintf(fout, "\nstatic inline bool security_is_socket_class(u16 kern_tclass)\n"); | ||
| 94 | fprintf(fout, "{\n"); | ||
| 95 | fprintf(fout, "\tbool sock = false;\n\n"); | ||
| 96 | fprintf(fout, "\tswitch (kern_tclass) {\n"); | ||
| 97 | for (i = 0; secclass_map[i].name; i++) { | ||
| 98 | struct security_class_mapping *map = &secclass_map[i]; | ||
| 99 | substr = strstr(map->name, needle); | ||
| 100 | if (substr && strcmp(substr, needle) == 0) | ||
| 101 | fprintf(fout, "\tcase SECCLASS_%s:\n", map->name); | ||
| 102 | } | ||
| 103 | fprintf(fout, "\t\tsock = true;\n"); | ||
| 104 | fprintf(fout, "\t\tbreak;\n"); | ||
| 105 | fprintf(fout, "\tdefault:\n"); | ||
| 106 | fprintf(fout, "\t\tbreak;\n"); | ||
| 107 | fprintf(fout, "\t}\n\n"); | ||
| 108 | fprintf(fout, "\treturn sock;\n"); | ||
| 109 | fprintf(fout, "}\n"); | ||
| 110 | |||
| 91 | fprintf(fout, "\n#endif\n"); | 111 | fprintf(fout, "\n#endif\n"); |
| 92 | fclose(fout); | 112 | fclose(fout); |
| 93 | 113 | ||