Antonio Murdaca 1ea0ce4069 selinux: allow changing labels for cgroupfs ... This patch allows changing labels for cgroup mounts. Previously, running chcon on cgroupfs would throw an "Operation not supported". This patch specifically whitelist cgroupfs. The patch could also allow containers to write only to the systemd cgroup for instance, while the other cgroups are kept with cgroup_t label. Signed-off-by: Antonio Murdaca <runcom@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Paul Moore <paul@paul-moore.com>		2017-02-07 22:17:47 -05:00
..
include	selinux: drop unused socket security classes	2017-01-12 11:10:24 -05:00
ss	selinux: support distinctions among all network address families	2017-01-09 10:07:30 -05:00
.gitignore	SELinux: add .gitignore files for dynamic classes	2009-10-24 09:42:27 +08:00
avc.c	Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into next	2015-08-15 13:29:57 +10:00
exports.c	selinux: sparse fix: include selinux.h in exports.c	2011-09-09 16:56:32 -07:00
hooks.c	selinux: allow changing labels for cgroupfs	2017-02-07 22:17:47 -05:00
Kconfig	selinux: drop SECURITY_SELINUX_POLICYDB_VERSION_MAX	2016-08-18 20:01:15 -04:00
Makefile	selinux: use absolute path to include directory	2016-01-28 10:37:15 -05:00
netif.c	Merge commit 'v3.17' into next	2014-11-19 21:32:12 +11:00
netlabel.c	calipso: Add a label cache.	2016-06-27 15:06:17 -04:00
netlink.c	selinux: replace obsolete NLMSG_* with type safe nlmsg_*	2013-03-28 14:25:49 -04:00
netnode.c	selinux: remove unused variabled in the netport, netnode, and netif caches	2014-08-07 20:55:30 -04:00
netport.c	selinux: remove unused variabled in the netport, netnode, and netif caches	2014-08-07 20:55:30 -04:00
nlmsgtab.c	rtnetlink: add new RTM_GETSTATS message to dump link stats	2016-04-20 15:43:42 -04:00
selinuxfs.c	selinux: default to security isid in sel_make_bools() if no sid is found	2017-01-09 10:07:32 -05:00
xfrm.c	netfilter: Remove spurios included of netfilter.h	2015-06-18 21:14:32 +02:00