linux/security/selinux/include
Eric Paris e000752989 LSM/SELinux: Interfaces to allow FS to control mount options
Introduce new LSM interfaces to allow an FS to deal with their own mount
options.  This includes a new string parsing function exported from the
LSM that an FS can use to get a security data blob and a new security
data blob.  This is particularly useful for an FS which uses binary
mount data, like NFS, which does not pass strings into the vfs to be
handled by the loaded LSM.  Also fix a BUG() in both SELinux and SMACK
when dealing with binary mount data.  If the binary mount data is less
than one page the copy_page() in security_sb_copy_data() can cause an
illegal page fault and boom.  Remove all NFSisms from the SELinux code
since they were broken by past NFS changes.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: James Morris <jmorris@namei.org>
2008-03-06 08:40:53 +11:00
..
av_inherit.h [SELinux]: Add support for DCCP 2006-12-02 21:22:24 -08:00
av_perm_to_string.h selinux: support 64-bit capabilities 2008-02-11 20:30:02 +11:00
av_permissions.h selinux: support 64-bit capabilities 2008-02-11 20:30:02 +11:00
avc.h d_path: Use struct path in struct avc_audit_data 2008-02-14 21:17:08 -08:00
avc_ss.h SELinux: export object class and permission definitions 2006-11-28 12:04:36 -05:00
class_to_string.h selinux: support 64-bit capabilities 2008-02-11 20:30:02 +11:00
common_perm_to_string.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
conditional.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
flask.h selinux: support 64-bit capabilities 2008-02-11 20:30:02 +11:00
initial_sid_to_string.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
netif.h SELinux: Convert the netif code to use ifindex values 2008-01-30 08:17:21 +11:00
netlabel.h SELinux: Allow NetLabel to directly cache SIDs 2008-01-30 08:17:27 +11:00
netnode.h SELinux: Add a network node caching mechanism similar to the sel_netif_*() functions 2008-01-30 08:17:23 +11:00
objsec.h SELinux: Better integration between peer labeling subsystems 2008-01-30 08:17:25 +11:00
security.h LSM/SELinux: Interfaces to allow FS to control mount options 2008-03-06 08:40:53 +11:00
xfrm.h SELinux: Enable dynamic enable/disable of the network access checks 2008-01-30 08:17:26 +11:00