diff options
| author | Glenn Elliott <gelliott@cs.unc.edu> | 2012-03-04 19:47:13 -0500 |
|---|---|---|
| committer | Glenn Elliott <gelliott@cs.unc.edu> | 2012-03-04 19:47:13 -0500 |
| commit | c71c03bda1e86c9d5198c5d83f712e695c4f2a1e (patch) | |
| tree | ecb166cb3e2b7e2adb3b5e292245fefd23381ac8 /security/selinux/include/classmap.h | |
| parent | ea53c912f8a86a8567697115b6a0d8152beee5c8 (diff) | |
| parent | 6a00f206debf8a5c8899055726ad127dbeeed098 (diff) | |
Merge branch 'mpi-master' into wip-k-fmlpwip-k-fmlp
Conflicts:
litmus/sched_cedf.c
Diffstat (limited to 'security/selinux/include/classmap.h')
| -rw-r--r-- | security/selinux/include/classmap.h | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h index b4c9eb4bd6f9..b8c53723e09b 100644 --- a/security/selinux/include/classmap.h +++ b/security/selinux/include/classmap.h | |||
| @@ -12,12 +12,16 @@ | |||
| 12 | #define COMMON_IPC_PERMS "create", "destroy", "getattr", "setattr", "read", \ | 12 | #define COMMON_IPC_PERMS "create", "destroy", "getattr", "setattr", "read", \ |
| 13 | "write", "associate", "unix_read", "unix_write" | 13 | "write", "associate", "unix_read", "unix_write" |
| 14 | 14 | ||
| 15 | /* | ||
| 16 | * Note: The name for any socket class should be suffixed by "socket", | ||
| 17 | * and doesn't contain more than one substr of "socket". | ||
| 18 | */ | ||
| 15 | struct security_class_mapping secclass_map[] = { | 19 | struct security_class_mapping secclass_map[] = { |
| 16 | { "security", | 20 | { "security", |
| 17 | { "compute_av", "compute_create", "compute_member", | 21 | { "compute_av", "compute_create", "compute_member", |
| 18 | "check_context", "load_policy", "compute_relabel", | 22 | "check_context", "load_policy", "compute_relabel", |
| 19 | "compute_user", "setenforce", "setbool", "setsecparam", | 23 | "compute_user", "setenforce", "setbool", "setsecparam", |
| 20 | "setcheckreqprot", NULL } }, | 24 | "setcheckreqprot", "read_policy", NULL } }, |
| 21 | { "process", | 25 | { "process", |
| 22 | { "fork", "transition", "sigchld", "sigkill", | 26 | { "fork", "transition", "sigchld", "sigkill", |
| 23 | "sigstop", "signull", "signal", "ptrace", "getsched", "setsched", | 27 | "sigstop", "signull", "signal", "ptrace", "getsched", "setsched", |
| @@ -132,8 +136,7 @@ struct security_class_mapping secclass_map[] = { | |||
| 132 | { "appletalk_socket", | 136 | { "appletalk_socket", |
| 133 | { COMMON_SOCK_PERMS, NULL } }, | 137 | { COMMON_SOCK_PERMS, NULL } }, |
| 134 | { "packet", | 138 | { "packet", |
| 135 | { "send", "recv", "relabelto", "flow_in", "flow_out", | 139 | { "send", "recv", "relabelto", "forward_in", "forward_out", NULL } }, |
| 136 | "forward_in", "forward_out", NULL } }, | ||
| 137 | { "key", | 140 | { "key", |
| 138 | { "view", "read", "write", "search", "link", "setattr", "create", | 141 | { "view", "read", "write", "search", "link", "setattr", "create", |
| 139 | NULL } }, | 142 | NULL } }, |
| @@ -142,7 +145,7 @@ struct security_class_mapping secclass_map[] = { | |||
| 142 | "node_bind", "name_connect", NULL } }, | 145 | "node_bind", "name_connect", NULL } }, |
| 143 | { "memprotect", { "mmap_zero", NULL } }, | 146 | { "memprotect", { "mmap_zero", NULL } }, |
| 144 | { "peer", { "recv", NULL } }, | 147 | { "peer", { "recv", NULL } }, |
| 145 | { "capability2", { "mac_override", "mac_admin", NULL } }, | 148 | { "capability2", { "mac_override", "mac_admin", "syslog", NULL } }, |
| 146 | { "kernel_service", { "use_as_override", "create_files_as", NULL } }, | 149 | { "kernel_service", { "use_as_override", "create_files_as", NULL } }, |
| 147 | { "tun_socket", | 150 | { "tun_socket", |
| 148 | { COMMON_SOCK_PERMS, NULL } }, | 151 | { COMMON_SOCK_PERMS, NULL } }, |