linux-hardened/security
Darrel Goeddel c7bdb545d2 [NETLINK]: Encapsulate eff_cap usage within security framework.
This patch encapsulates the usage of eff_cap (in netlink_skb_params) within
the security framework by extending security_netlink_recv to include a required
capability parameter and converting all direct usage of eff_caps outside
of the lsm modules to use the interface.  It also updates the SELinux
implementation of the security_netlink_send and security_netlink_recv
hooks to take advantage of the sid in the netlink_skb_params struct.
This also enables SELinux to perform auditing of netlink capability checks.
Please apply, for 2.6.18 if possible.

Signed-off-by: Darrel Goeddel <dgoeddel@trustedcs.com>
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by:  James Morris <jmorris@namei.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:57:55 -07:00
..
keys [PATCH] Keys: Allow in-kernel key requestor to pass auxiliary data to upcaller 2006-06-29 10:26:20 -07:00
selinux [NETLINK]: Encapsulate eff_cap usage within security framework. 2006-06-29 16:57:55 -07:00
capability.c kbuild: un-stringnify KBUILD_MODNAME 2006-01-06 21:17:50 +01:00
commoncap.c [NETLINK]: Encapsulate eff_cap usage within security framework. 2006-06-29 16:57:55 -07:00
dummy.c [NETLINK]: Encapsulate eff_cap usage within security framework. 2006-06-29 16:57:55 -07:00
inode.c Merge branch 'master' of /home/trondmy/kernel/linux-2.6/ 2006-06-24 13:07:53 -04:00
Kconfig [PATCH] keys: restrict contents of /proc/keys to Viewable keys 2006-06-26 09:58:18 -07:00
Makefile [PATCH] add securityfs for all LSMs to use 2005-07-08 18:48:41 -07:00
root_plug.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
seclvl.c [PATCH] Bug fixes and cleanup for the BSD Secure Levels LSM 2006-03-23 07:38:03 -08:00
security.c [PATCH] refactor capable() to one implementation, add __capable() helper 2006-03-25 08:22:56 -08:00