554f75b4ee4c3abd4d3d5fc52c279ae21bb7ada7 |
|
10-Dec-2015 |
Petr Lautrbach <plautrba@redhat.com> |
libselinux: Don't wrap rpm_execcon with DISABLE_RPM a2737333 commit introduced a possibility to build libselinux without rpm_execcon() when DISABLE_RPM is set. However, it didn't cover SWIG bindings. With this commit the rpm_execcon() bindings are not created. Fixes: ImportError: /usr/lib64/python3.5/site-packages/selinux/_selinux.so: undefined symbol: rpm_execcon Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
8d7c2854c579a2bc85b49b62ccbf38a98fbdd475 |
|
21-May-2015 |
Petr Lautrbach <plautrba@redhat.com> |
libselinux: add selinux_openssh_contexts_path() openssh in Fedora uses "sshd_net_t" type for privilege separated processes in the preauthentication phase. Similarly, openssh portable uses "sftp_t" for internal-sftp processes. Both types are hardcoded, which is not ideal. Therefore selinux_openssh_contexts_path() was created to get a path where sshd can get the correct types prepared by a distribution or an administrator. Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
9eb9c9327563014ad6a807814e7975424642d5b9 |
|
19-Feb-2014 |
Stephen Smalley <sds@tycho.nsa.gov> |
Get rid of security_context_t and fix const declarations. In attempting to enable building various parts of Android with -Wall -Werror, we found that the const security_context_t declarations in libselinux are incorrect; const char * was intended, but const security_context_t translates to char * const and triggers warnings on passing const char * from the caller. Easiest fix is to replace them all with const char *. And while we are at it, just get rid of all usage of security_context_t itself as it adds no value - there is no true encapsulation of the security context strings and callers already directly use string functions on them. typedef left to permit building legacy users until such a time as all are updated. This is a port of Change-Id I2f9df7bb9f575f76024c3e5f5b660345da2931a7 from Android, augmented to deal with all of the other code in upstream libselinux and updating the man pages too. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: Eric Paris <eparis@redhat.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
a2737333c795cae2aa4e31deed95a8e155d64d4a |
|
20-Nov-2012 |
Guillem Jover <guillem@debian.org> |
libselinux: Refactor rpm_execcon() into a new setexecfilecon() This new function allows a process to invoke helper programs with a new execution context based on the filename, this is initially intended for package managers so that they can easily execute package scriptlets or maintainer scripts. Base rpm_execcon() off this new function. Signed-off-by: Guillem Jover <guillem@debian.org>
/external/selinux/libselinux/include/selinux/selinux.h
|
d24fb6834d8089832a24e80d862d5944e3781b43 |
|
07-Nov-2013 |
Colin Walters <walters@verbum.org> |
selinux_set_mapping: Document it This patch may not actually be useful since there's a man page.
/external/selinux/libselinux/include/selinux/selinux.h
|
7eec00a5be8b5cebcbbc9a30b42b34f4a623c587 |
|
09-Oct-2013 |
Dan Walsh <dwalsh@redhat.com> |
Add selinux_current_policy_path, which returns a pointer to the loaded policy Also change audit2why to look at the loaded policy rather than searching on disk for the policy file. It is more likely that you are examining the running policy.
/external/selinux/libselinux/include/selinux/selinux.h
|
851266c1803ed7ce3e8ec2cb2b76e038ca3bd3de |
|
09-Oct-2013 |
Dan Walsh <dwalsh@redhat.com> |
define SELINUX_TRANS_DIR in selinux.h I wanted to separate this directory out in order for a new patch to mcstransd to watch this directory for newly created files, which it could then translate. The idea is libvirt would write to /var/run/setrans/c0:c1,c2 with the contents of vm1, then setrans could translate the processes to show system_u:system_r:svirt_t:vm1
/external/selinux/libselinux/include/selinux/selinux.h
|
ce2a8848ad45e375cfdb58cebe28bc12431bb3db |
|
09-Oct-2013 |
Dan Walsh <dwalsh@redhat.com> |
Add selinux_systemd_contexts_path systemd has some internal contexts like generated systemd unit files that we want to allow it to check against processes trying to manage them.
/external/selinux/libselinux/include/selinux/selinux.h
|
7fe6036ca5e3624d6e3a0294b909d93b145eac31 |
|
09-Oct-2013 |
Dan Walsh <dwalsh@redhat.com> |
Add selinux_set_policy_root sets an alternate policy root directory path This allows us to specify under which the compiled policy file and context configuration files exist. We can use this with matchpathcon to check the labels under alternate policies, and we can use it for sepolicy manpage to build manpages during policy build.
/external/selinux/libselinux/include/selinux/selinux.h
|
13b599d7b80c1464683f66a1e93e02b984d94c1d |
|
17-Oct-2012 |
rhatdan <dwalsh@redhat.com> |
libselinux: mode_to_security_class: interface to translate a mode_t in to a security class coreutils needs to be able to take a statbuf and ask permissions questions. This gives us the interface to translate that statbuf mode_t into a security class which can be used. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
ee6901618c9da360515474145504c7b58258441f |
|
11-Jun-2012 |
Dan Walsh <dwalsh@redhat.com> |
libselinux: expose selinux_boolean_sub Make selinux_boolean_sub a public method so getsebool can use it, as well as potentially used within libsemanage. Signed-off-by: Eric Paris <eparis@redhat.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
88c35241535803247bd3044187c6c3b3c7f02c79 |
|
18-Apr-2012 |
Eric Paris <eparis@redhat.com> |
libselinux: boolean name equivalency Add support for booleans.subs file. Basically this allows us to finally change badly named booleans to some standard name. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
c802d4a6d53120a7c067c29625a17b09f922f4d3 |
|
18-Apr-2012 |
Dan Walsh <dwalsh@redhat.com> |
libselinux: Add support for lxc_contexts_path In order for lxc to look up its process and file labels we add new libselinux support. This is what we do for everything else, like libvirt, sepostgresql, etc. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
2b5a0530e7c06150c84fc233fbfab40c57130f84 |
|
25-Mar-2012 |
Kohei KaiGai <kaigai@kaigai.gr.jp> |
libselinux: security_compute_create_name(3) I'd like to use this interface to implement special case handling for the default labeling behavior on temporary database objects. Allow userspace to use the filename_trans rules added to policy. Signed-off-by: KaiGai Kohei <kohei.kaigai@emea.nec.com> Signed-off-by: Eric Paris <eparis@redhat.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
b82b7e02dfcd46db75a94352815830fdb651fa94 |
|
23-Jan-2012 |
Daniel P. Berrange <berrange@redhat.com> |
libselinux: Fix const-correctness
* include/selinux/selinux.h, src/init.c: set_selinuxmnt should take a const char *mntpath
* src/get_default_type.c: Avoid bad cast discarding const
* load_policy.c: Fix var decl to avoid discarding const
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
2b06f474006db3f32895dab9e393324febb9e16f |
|
23-Sep-2011 |
Eric Paris <eparis@redhat.com> |
libselinux: rename and export symlink_realpath symlink_realpath is used by both libselinux and policycoreutils. Instead of coding it twice, export the libselinux version under a new name that makes it sound more generic. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
9c46a0a3153124753e3afbd2090fea65a09e1df1 |
|
20-Oct-2011 |
Dan Walsh <dwalsh@redhat.com> |
libselinux: simple interface for access checks Some programs, like passwd, need to do simple one time access checks. Rather than set up a full avc cache and use that infrastructure they were directly using security_compute_av. A problem with this approach is the lack of audit on denials. This patch creates a new interface that is simple to use and which will still listen to things like permissive and output audit messages on denials. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
b3b19fdce58ff6ddfa6dfb8e5576c922c96e1e45 |
|
22-Sep-2011 |
Eric Paris <eparis@redhat.com> |
libselinux: load_policy: handle selinux=0 and /sys/fs/selinux not exist Handle situation where selinux=0 passed to the kernel and both /selinux and /sys/fs/selinux directories do not exist. We used to handle selinux=0 (or kernel compile without selinux) by getting ENODEV when we tried to mount selinuxfs on /selinux. Now selinux=0 means that /sys/fs/selinux won't exist and we never create the real directory /selinux at all. So we get ENOENT instead of ENODEV. The solution is to check to see if the mount failure was for ENODEV and if not to check if selinuxfs exists in /proc/filesystems at all. If it doesn't exist, that's equivalent to ENODEV. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
bc1a8e2a4af543d04e8df70a92a5a7a3aeebf669 |
|
09-Mar-2011 |
Richard Haines <richard_c_haines@btinternet.com> |
libselinux: selinux_file_context_verify function returns wrong value. selinux_file_context_verify(3) should now return the correct codes and matchpathcon(8) has been modified to handle them. The selinux_file_context_verify(3) and selinux_file_context_cmp(3) man pages have also been updated (re-written really) to correct return codes. I found that selabel_open left errno set to ENOENT because a file_contexts.subs file did not exist on my system, but left selabel_open alone and set errno = 0 before calling selinux_filecontext_cmp. [fix uninitialized init variable in matchpathcon.c::main - eparis] Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
20b43b3fd3d392c4f12a963a4e46c264e7ed5163 |
|
06-Apr-2011 |
Daniel J Walsh <dwalsh@redhat.com> |
This patch adds a new subs_dist file.

The idea is to allow distributions to ship a subs file as well as let the user modify subs. In F16 we are looking at shipping a file_contexts.subs_dist file like this

cat file_contexts.subs_dist
/run /var/run
/run/lock /var/lock
/var/run/lock /var/lock
/lib64 /lib
/usr/lib64 /usr/lib

Then we will remove all (64)? from policy. This will allow us to make sure all /usr/lib/libBLAH is labeled the same as /usr/lib64/libBLAH

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
1629d2f89a8c5f758413b87b94740aaaa5f21144 |
|
06-Apr-2011 |
Daniel J Walsh <dwalsh@redhat.com> |
This patch cleans up a couple of crashes caused by libselinux

If you fail to load_policy in the init or SELinux is disabled, you need to free the selinux_mnt variable and clear the memory. systemd was calling load_policy on a DISABLED system then later on it would call is_selinux_enabled() and get incorrect response, since selinux_mnt still had valid data.

The second bug in libselinux revolves around calling the selinux_key_delete(destructor_key) if the selinux_key_create call had never been called. This was causing data to be freed in other applications that loaded and unloaded the libselinux library but never setup setrans or matchpathcon.

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
6a17cfaafcdab82c9909eccff56968913b36a631 |
|
14-Jun-2010 |
KaiGai Kohei <kaigai@ak.jp.nec.com> |
Author: KaiGai Kohei
Email: kaigai@ak.jp.nec.com
Subject: libselinux APIs should take "const" qualifier?
Date: Tue, 23 Mar 2010 11:56:36 +0900

(2010/03/19 22:32), Stephen Smalley wrote:
> On Fri, 2010-03-19 at 16:52 +0900, KaiGai Kohei wrote:
>> Right now, security_context_t is an alias of char *, declared in selinux.h.
>>
>> Various kind of libselinux API takes security_context_t arguments,
>> however, it is inconvenience in several situations.
>>
>> For example, the following query is parsed, then delivered to access
>> control subsystem with the security context as "const char *" cstring.
>>
>> ALTER TABLE my_tbl SECURITY LABEL TO 'system_u:object_r:sepgsql_table_t:SystemHigh';
>> const char *<---- ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>
>> In this case, we want to call selinux_trans_to_raw_context() to translate
>> the given security context into raw format. But it takes security_context_t
>> argument for the source context, although this pointer is read-only.
>> In the result, compiler raises warnings because we gave "const char *" pointer
>> into functions which take security_context_t (= char *).
>>
>> Any comments?
>>
>> It seems to me the following functions' prototype should be qualified by
>> "const".
>
> That seems reasonable and should have no impact on library ABI.
> On the other hand, others have pointed out that security_context_t is
> not a properly encapsulated data type at all, and perhaps should be
> deprecated and replaced with direct use of char*/const char* throughout.
>
> There are other library API issues as well that have come up in the
> past, such as lack of adequate namespacing (with approaches put forth),
> but we don't ever seem to get a round tuit.

At first, I tried to add const qualifiers read-only security_context_t pointers, but didn't replace them by char */const char * yet, right now.

BTW, I could find out the following code:

    int security_compute_create(security_context_t scon,
                                security_context_t tcon,
                                security_class_t tclass,
                                security_context_t * newcon)
    {
            int ret;
            security_context_t rscon = scon;
            security_context_t rtcon = tcon;
            security_context_t rnewcon;

            if (selinux_trans_to_raw_context(scon, &rscon))
                    return -1;
            if (selinux_trans_to_raw_context(tcon, &rtcon)) {
                    freecon(rscon);
                    return -1;
            }
              :

In this case, scon and tcon can be qualified by const, and the first argument of selinux_trans_to_raw_context() can take const pointer. But it tries to initialize rscon and tscon by const pointer, although these are used to store raw security contexts. The selinux_trans_to_raw_context() always set dynamically allocated text string on the second argument, so we don't need to initialize it anyway. I also removed these initializations in this patch.

Does the older mcstrans code could return without allocation of raw format when the given scon is already raw format? I don't know why these are initialized in this manner.

Thanks.
--
KaiGai Kohei <kaigai@ak.jp.nec.com>

Signed-off-by: Chad Sellers <csellers@tresys.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
70aeeb918aa721ad90ed8e1b433a55c8ecf2cb83 |
|
15-Mar-2010 |
Eamon Walsh <ewalsh@tycho.nsa.gov> |
This patch allows selabel_*() interfaces to provide an expected security context for the given database object identified by its name and object class. It is necessary to implement a feature something like the restorecon on databases.

The specfile shall be described as follows:
------------------------
#
# The specfile for database objects
# (for SE-PostgreSQL)
#
# <object class> <object name> <security context>
#
db_database  *               system_u:object_r:sepgsql_db_t:s0
db_schema    *.pg_catalog    system_u:object_r:sepgsql_sys_schema_t:s0
db_schema    *.*             system_u:object_r:sepgsql_schema_t:s0
db_table     *.pg_catalog.*  system_u:object_r:sepgsql_sysobj_t:s0
db_table     *.*.*           system_u:object_r:sepgsql_table_t:s0
------------------------

- All the characters after the '#' are ignored.
- Wildcards ('*' and '?') are available.
- It returns the first match security context.

Note that hierarchy of the namespace of database objects depends on RDBMS. So, author of the specfile needs to write correct patterns which are suitable for the target RDBMS. The patched selabel_*() interfaces don't have any heuristics for the namespace hierarchy to be suitable for widespread RDBMSs.

In the case of SE-PgSQL, when we lookup an expected security context for the 'my_table' table in the 'public' schema and 'postgres' database, the caller shall provide 'postgres.public.my_table' as a key.

In the default, it tries to read a specfile which maps database objects and security context from the /etc/selinux/$POLICYTYPE/contexts/sepgsql_contexts. Note that when another RDBMS uses this interface, it needs to give an explicit SELABEL_OPT_PATH option on the selabel_open().

Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
Acked-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
/external/selinux/libselinux/include/selinux/selinux.h
|
7d19f9df510daef5dc929df5854c2dda2a64f475 |
|
20-Oct-2009 |
Chad Sellers <csellers@tresys.com> |
libselinux: Export reset_selinux_config() In integrating SELinux policy into rpm, we have a need to be able to reset the configuration data (e.g. policy type) loaded into libselinux. These values are currently loaded lazily by a number of different functions (e.g. matchpathcon_init()). Since we are changing rpm to install policy, including initial base policy, we need to be able to reload these configuration items after the policy has been installed. reset_selinux_config() already exists and is used by selinux_init_load_policy() for a similar reason, but it is not exported. This was probably intentional, since it is not thread safe at all. That said, rpm needs to do the same thing. This patch makes the function public, and places a warning in the header comment that it is not thread safe. Signed-off-by: Chad Sellers <csellers@tresys.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
66d07600075d53735197520e4a5bbe6796a89d25 |
|
16-Sep-2009 |
Daniel J Walsh <dwalsh@redhat.com> |
This patch fixes the exception handling in libselinux-python bindings

On 09/16/2009 03:35 PM, Joshua Brindle wrote:
>
>
> Joshua Brindle wrote:
>>
>>
>> Daniel J Walsh wrote:
>>> What do you think of this one. Removed excess swig cruft,
>>>
>>> You need to run
>>>
>>> make swigify to generate those changes.
>>>
>>
>> Ok, looking at this now. I don't completely get how it works. I'm trying
>> to reproduce what you are doing by hand but nothing comes out of gcc:
>>
>> [root@localhost src]# echo '#include "../include/selinux/selinux.h"' >
>> temp.c
>> [root@localhost src]# gcc -c temp.c -aux-info temp.aux
>> [root@localhost src]# ls temp.*
>> temp.c temp.o
>>
>>
>> What is the purpose of the aux-info thing, and why doesn't it work on my
>> F11 machine?
>>
>> also, I'm not sure if the best place for selinuxswig_exception.i is
>> swigify or pywrap. In the swigify case it shouldn't be in the clean
>> target because if you check out the repo and do make clean; make pywrap
>> you'll get an error. (I can make these fixes, I'm just trying to figure
>> out how it all works first).
>>
>
> Oh, one more thing, should this be python specific? (E.g, should it be
> named selinuxswig_python_exception.i ?)

Changed name to selinux_python_exception.i

Works for me on F11 and F12

dwalsh@localhost$ echo '#include "../include/selinux/selinux.h"' > temp.c
dwalsh@localhost$ gcc -c temp.c -aux-info temp.aux
dwalsh@localhost$ ls temp.*
temp.aux temp.c temp.o

cat temp.aux
/* compiled from: . */
/* /usr/include/sys/select.h:109:NC */ extern int select (int, fd_set *, fd_set *, fd_set *, struct timeval *);
/* /usr/include/sys/select.h:121:NC */ extern int pselect (int, fd_set *, fd_set *, fd_set *, const struct timespec *, const __sigset_t *);
/* /usr/include/sys/sysmacros.h:31:NC */ extern unsigned int gnu_dev_major (long long unsigned int);
/* /usr/include/sys/sysmacros.h:34:NC */ extern unsigned int gnu_dev_minor (long long unsigned int);
/* /usr/include/sys/sysmacros.h:37:NC */ extern long long unsigned int gnu_dev_makedev (unsigned int, unsigned int);
/* ../include/selinux/selinux.h:12:NC */ extern int is_selinux_enabled (void);
/* ../include/selinux/selinux.h:14:NC */ extern int is_selinux_mls_enabled (void);
/* ../include/selinux/selinux.h:19:NC */ extern void freecon (security_context_t);
/* ../include/selinux/selinux.h:22:NC */ extern void freeconary (security_context_t *);
...

commit 38d98bd958f42ea18c9376e624d733795665ee22
Author: Dan Walsh <dwalsh@redhat.com>
Date: Wed Sep 16 16:51:14 2009 -0400

Add exception code
/external/selinux/libselinux/include/selinux/selinux.h
|
532bd9a8926b4123c9444660041f4e9961543577 |
|
07-Jul-2009 |
Daniel J Walsh <dwalsh@redhat.com> |
Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: This patch add seusers support to SELinux
Date: Mon, 18 May 2009 14:20:30 -0400

The idea here is to break the seusers file up into lots of little seusers files that can be user specific, also adds the service field to be used by tools like pam_selinux to choose which is the correct context to log a user in as. Patch was added to facilitate IPA handing out SELinux content for selection of roles at login.

Signed-off-by: Joshua Brindle <method@manicmethod.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
20271d94ed2b26b94b052ba6ed90b63566cecbb7 |
|
04-Jun-2009 |
Daniel J Walsh <dwalsh@redhat.com> |
Author: Daniel J Walsh
Email: dwalsh@redhat.com
Subject: SELinux context patch
Date: Mon, 18 May 2009 14:16:12 -0400

This patch adds context files for virtual_domain and virtual_image, these are both being used to locate the default context to be executed by svirt. I also included the subs patch which I submitted before. This patch allows us to substitute prefixes to matchpathcon. So we can say /export/home == /home and /web == /var/www

Author: Chad Sellers
Email: csellers@tresys.com

Flipped free()'s in original patch when strdup'd fail to proper order.

Signed-off-by: Chad Sellers <csellers@tresys.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
433a99d4032706af724ff779d8d9d539f20793f8 |
|
08-Apr-2009 |
KaiGai Kohei <kaigai@ak.jp.nec.com> |
It is useful for userspace object manager, if libselinux has an interface something like: int security_deny_unknown(void); This interface can suggest applications preferable behavior when string_to_security_class() or string_to_av_perm() returns invalid value which means the security policy does not define required ones. Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
55ed6e7fa6b7d55c628fa04508521920e60a43f7 |
|
08-Apr-2009 |
KaiGai Kohei <kaigai@ak.jp.nec.com> |
This patch enables applications to handle permissive domain correctly. Since the v2.6.26 kernel, SELinux has supported an idea of permissive domain which allows certain processes to work as if permissive mode, even if the global setting is enforcing mode. However, we don't have an application program interface to inform what domains are permissive one, and what domains are not. It means applications focusing on SELinux (XACE/SELinux, SE-PostgreSQL and so on) cannot handle permissive domain correctly. This patch adds the sixth field (flags) on the reply of the /selinux/access interface which is used to make an access control decision from userspace. If the first bit of the flags field is positive, it means the required access control decision is on permissive domain, so application should allow any required actions, as the kernel doing. This patch also has a side benefit. The av_decision.flags is set at context_struct_compute_av(). It enables to check required permissions without read_lock(&policy_rwlock). Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
318748d65917fa5a96c17ce3b564074e43482d75 |
|
08-Apr-2009 |
KaiGai Kohei <kaigai@ak.jp.nec.com> |
The attached patch enables userspace object managers to handle notification messages via netlink socket from SELinux.

* Two new callbacks were added to selinux_set_callback(3)
  - SELINUX_CB_SETENFORCE is invoked when it got SELNL_MSG_SETENFORCE message in the avc_netlink_process().
  - SELINUX_CB_POLICYLOAD is invoked when it got SELNL_MSG_POLICYLOAD message in the avc_netlink_process().
* Three functions were exposed to applications.
  - int avc_netlink_open(int blocking);
  - void avc_netlink_loop(void);
  - void avc_netlink_close(void);

Due to a few reasons, SE-PostgreSQL implements its own userspace avc, so it needs to copy and paste some of avc_internal.c. This update enables to share common part from such kind of application.

Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
/external/selinux/libselinux/include/selinux/selinux.h
|
f9b1f1a2a17298b60a94780ab5899a8d91cbf100 |
|
01-Jan-2009 |
Eamon Walsh <ewalsh@tycho.nsa.gov> |
Add config path function for secolor.conf file. Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
/external/selinux/libselinux/include/selinux/selinux.h
|
cfa3cb6fa5d0cc00fde75ee74ec2da577f62e141 |
|
26-Nov-2008 |
Eamon Walsh <ewalsh@tycho.nsa.gov> |
Add client routines for translating raw security contexts into colors. Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
/external/selinux/libselinux/include/selinux/selinux.h
|
13cd4c8960688af11ad23b4c946149015c80d549 |
|
19-Aug-2008 |
Joshua Brindle <method@manicmethod.com> |
initial import from svn trunk revision 2950
/external/selinux/libselinux/include/selinux/selinux.h
|