diff options
| author | Paul Moore <paul.moore@hp.com> | 2009-08-28 18:12:49 -0400 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2009-08-31 18:29:52 -0400 |
| commit | ed6d76e4c32de0c2ad5f1d572b948ef49e465176 (patch) | |
| tree | 893914916ad849fefed72df48bca0bf9c78e392d /security/selinux/include/flask.h | |
| parent | 2b980dbd77d229eb60588802162c9659726b11f4 (diff) | |
selinux: Support for the new TUN LSM hooks
Add support for the new TUN LSM hooks: security_tun_dev_create(),
security_tun_dev_post_create() and security_tun_dev_attach(). This includes
the addition of a new object class, tun_socket, which represents the socks
associated with TUN devices. The _tun_dev_create() and _tun_dev_post_create()
hooks are fairly similar to the standard socket functions but _tun_dev_attach()
is a bit special. The _tun_dev_attach() is unique because it involves a
domain attaching to an existing TUN device and its associated tun_socket
object, an operation which does not exist with standard sockets and most
closely resembles a relabel operation.
Signed-off-by: Paul Moore <paul.moore@hp.com>
Acked-by: Eric Paris <eparis@parisplace.org>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux/include/flask.h')
| -rw-r--r-- | security/selinux/include/flask.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/security/selinux/include/flask.h b/security/selinux/include/flask.h index 882f27d66fac..f248500a1e3c 100644 --- a/security/selinux/include/flask.h +++ b/security/selinux/include/flask.h | |||
| @@ -53,6 +53,7 @@ | |||
| 53 | #define SECCLASS_PEER 68 | 53 | #define SECCLASS_PEER 68 |
| 54 | #define SECCLASS_CAPABILITY2 69 | 54 | #define SECCLASS_CAPABILITY2 69 |
| 55 | #define SECCLASS_KERNEL_SERVICE 74 | 55 | #define SECCLASS_KERNEL_SERVICE 74 |
| 56 | #define SECCLASS_TUN_SOCKET 75 | ||
| 56 | 57 | ||
| 57 | /* | 58 | /* |
| 58 | * Security identifier indices for initial entities | 59 | * Security identifier indices for initial entities |