diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2008-10-13 13:00:44 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2008-10-13 13:00:44 -0400 |
| commit | 8d71ff0bef9cf4e70108a9a2762f2361e607abde (patch) | |
| tree | a79487fceb6ec18e956373a3019416a43b269f1d /security/selinux/include/objsec.h | |
| parent | 244dc4e54b73567fae7f8fd9ba56584be9375442 (diff) | |
| parent | 92562927826fceb2f8e69c89e28161b8c1e0b125 (diff) | |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (24 commits)
integrity: special fs magic
As pointed out by Jonathan Corbet, the timer must be deleted before
ERROR: code indent should use tabs where possible
The tpm_dev_release function is only called for platform devices, not pnp
Protect tpm_chip_list when transversing it.
Renames num_open to is_open, as only one process can open the file at a time.
Remove the BKL calls from the TPM driver, which were added in the overall
netlabel: Add configuration support for local labeling
cipso: Add support for native local labeling and fixup mapping names
netlabel: Changes to the NetLabel security attributes to allow LSMs to pass full contexts
selinux: Cache NetLabel secattrs in the socket's security struct
selinux: Set socket NetLabel based on connection endpoint
netlabel: Add functionality to set the security attributes of a packet
netlabel: Add network address selectors to the NetLabel/LSM domain mapping
netlabel: Add a generic way to create ordered linked lists of network addrs
netlabel: Replace protocol/NetLabel linking with refrerence counts
smack: Fix missing calls to netlbl_skbuff_err()
selinux: Fix missing calls to netlbl_skbuff_err()
selinux: Fix a problem in security_netlbl_sid_to_secattr()
selinux: Better local/forward check in selinux_ip_postroute()
...
Diffstat (limited to 'security/selinux/include/objsec.h')
| -rw-r--r-- | security/selinux/include/objsec.h | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h index 91070ab874ce..f8be8d7fa26d 100644 --- a/security/selinux/include/objsec.h +++ b/security/selinux/include/objsec.h | |||
| @@ -109,16 +109,19 @@ struct netport_security_struct { | |||
| 109 | }; | 109 | }; |
| 110 | 110 | ||
| 111 | struct sk_security_struct { | 111 | struct sk_security_struct { |
| 112 | u32 sid; /* SID of this object */ | ||
| 113 | u32 peer_sid; /* SID of peer */ | ||
| 114 | u16 sclass; /* sock security class */ | ||
| 115 | #ifdef CONFIG_NETLABEL | 112 | #ifdef CONFIG_NETLABEL |
| 116 | enum { /* NetLabel state */ | 113 | enum { /* NetLabel state */ |
| 117 | NLBL_UNSET = 0, | 114 | NLBL_UNSET = 0, |
| 118 | NLBL_REQUIRE, | 115 | NLBL_REQUIRE, |
| 119 | NLBL_LABELED, | 116 | NLBL_LABELED, |
| 117 | NLBL_REQSKB, | ||
| 118 | NLBL_CONNLABELED, | ||
| 120 | } nlbl_state; | 119 | } nlbl_state; |
| 120 | struct netlbl_lsm_secattr *nlbl_secattr; /* NetLabel sec attributes */ | ||
| 121 | #endif | 121 | #endif |
| 122 | u32 sid; /* SID of this object */ | ||
| 123 | u32 peer_sid; /* SID of peer */ | ||
| 124 | u16 sclass; /* sock security class */ | ||
| 122 | }; | 125 | }; |
| 123 | 126 | ||
| 124 | struct key_security_struct { | 127 | struct key_security_struct { |