|  | Commit message (Collapse) | Author | Age | 
|---|
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | The security_is_socket_class() is auto-generated by genheaders based
on classmap.h to reduce maintenance effort when a new class is defined
in SELinux kernel. The name for any socket class should be suffixed by
"socket" and doesn't contain more than one substr of "socket".
Signed-off-by: Harry Ciao <qingtao.cao@windriver.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov> | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| | Fix const warning in the genheaders script as a result of
changes to the headers, as noted here:
http://linux.derkeiler.com/Mailing-Lists/Kernel/2010-03/msg03977.html
Reported-by: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: James Morris <jmorris@namei.org> | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| | If a permission name is long enough the selinux class definition generation
tool will go into a infinite loop.  This is because it's macro max() is
fooled into thinking it is dealing with unsigned numbers.  This patch makes
sure the macro always uses signed number so 1 > -1.
Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org> | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | scripts/selinux/genheaders/genheaders.c:20: warning: no previous prototype
for ?usage?
scripts/selinux/genheaders/genheaders.c:26: warning: no previous prototype
for ?stoupperx?
Signed-off-by: Alan Cox <alan@linux.intel.com>
Acked-by: WANG Cong <xiyou.wangcong@gmail.com>
Signed-off-by: James Morris <jmorris@namei.org> | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| | The SELinux dynamic class work in c6d3aaa4e35c71a32a86ececacd4eea7ecfc316c
creates a number of dynamic header files and scripts.  Add .gitignore files
so git doesn't complain about these.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen D. Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org> | 
|  | Add a simple utility (scripts/selinux/genheaders) and invoke it to
generate the kernel-private class and permission indices in flask.h
and av_permissions.h automatically during the kernel build from the
security class mapping definitions in classmap.h.  Adding new kernel
classes and permissions can then be done just by adding them to classmap.h.
Signed-off-by:  Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org> |