linux

History

Paul Moore 014ab19a69 selinux: Set socket NetLabel based on connection endpoint Previous work enabled the use of address based NetLabel selectors, which while highly useful, brought the potential for additional per-packet overhead when used. This patch attempts to solve that by applying NetLabel socket labels when sockets are connect()'d. This should alleviate the per-packet NetLabel labeling for all connected sockets (yes, it even works for connected DGRAM sockets). Signed-off-by: Paul Moore <paul.moore@hp.com> Reviewed-by: James Morris <jmorris@namei.org>		2008-10-10 10:16:33 -04:00
..
keys
selinux	selinux: Set socket NetLabel based on connection endpoint	2008-10-10 10:16:33 -04:00
smack	netlabel: Replace protocol/NetLabel linking with refrerence counts	2008-10-10 10:16:31 -04:00
capability.c	security: Fix setting of PF_SUPERPRIV by __capable()	2008-08-14 22:59:43 +10:00
commoncap.c	security: Fix setting of PF_SUPERPRIV by __capable()	2008-08-14 22:59:43 +10:00
device_cgroup.c	devcgroup: fix race against rmdir()	2008-09-02 19:21:38 -07:00
inode.c
Kconfig
Makefile
root_plug.c	security: Fix setting of PF_SUPERPRIV by __capable()	2008-08-14 22:59:43 +10:00
security.c	security: Fix setting of PF_SUPERPRIV by __capable()	2008-08-14 22:59:43 +10:00