rtime.felk.cvut.cz Git - linux-imx.git/commit

author	David Quigley <dpquigl@davequigley.com>
	Wed, 22 May 2013 16:50:35 +0000 (12:50 -0400)
committer	Trond Myklebust <Trond.Myklebust@netapp.com>
	Sat, 8 Jun 2013 20:20:11 +0000 (16:20 -0400)
commit	746df9b59c8a5f162c907796c7295d3c4c0d8995
tree	6c0e7ae018bfb33f482afdc74d0c77d6b9edd152	tree \| snapshot
parent	d47be3dfecaf20255af89a57460285c82d5271ad	commit \| diff

Security: Add Hook to test if the particular xattr is part of a MAC model.

The interface to request security labels from user space is the xattr
interface. When requesting the security label from an NFS server it is
important to make sure the requested xattr actually is a MAC label. This allows
us to make sure that we get the desired semantics from the attribute instead of
something else such as capabilities or a time based LSM.

Acked-by: Eric Paris <eparis@redhat.com>
Acked-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: Matthew N. Dodd <Matthew.Dodd@sparta.com>
Signed-off-by: Miguel Rodel Felipe <Rodel_FM@dsi.a-star.edu.sg>
Signed-off-by: Phua Eu Gene <PHUA_Eu_Gene@dsi.a-star.edu.sg>
Signed-off-by: Khin Mi Mi Aung <Mi_Mi_AUNG@dsi.a-star.edu.sg>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>

include/linux/security.h		diff \| blob \| history
security/capability.c		diff \| blob \| history
security/security.c		diff \| blob \| history
security/selinux/hooks.c		diff \| blob \| history
security/smack/smack_lsm.c		diff \| blob \| history