OpenE2K/linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
e0e817392b
linux/drivers
History
Paul Moore 2b980dbd77 lsm: Add hooks to the TUN driver 
The TUN driver lacks any LSM hooks which makes it difficult for LSM modules,
such as SELinux, to enforce access controls on network traffic generated by
TUN users; this is particularly problematic for virtualization apps such as
QEMU and KVM.  This patch adds three new LSM hooks designed to control the
creation and attachment of TUN devices, the hooks are:

 * security_tun_dev_create()
   Provides access control for the creation of new TUN devices

 * security_tun_dev_post_create()
   Provides the ability to create the necessary socket LSM state for newly
   created TUN devices

 * security_tun_dev_attach()
   Provides access control for attaching to existing, persistent TUN devices
   and the ability to update the TUN device's socket LSM state as necessary

Signed-off-by: Paul Moore <paul.moore@hp.com>
Acked-by: Eric Paris <eparis@parisplace.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: James Morris <jmorris@namei.org>
2009-09-01 08:29:48 +10:00
..
accessibility
acpi
amba
ata ahci: add workaround for on-board 5723s on some gigabyte boards 2009-08-12 06:21:32 -04:00
atm
auxdisplay
base PM / Driver Core: Kill dev_pm_ops platform warning for now 2009-08-10 23:41:18 +02:00
block
bluetooth
cdrom
char pty: fix data loss when stopped (^S/^Q) 2009-08-10 13:31:18 -07:00
clocksource sh: CMT suspend/resume 2009-08-15 12:58:45 +09:00
connector
cpufreq
cpuidle
crypto
dca
dio
dma
edac
eisa
firewire
firmware
gpio
gpu drm/kms: teardown crtc correctly when fb is destroyed. 2009-08-19 14:11:34 +10:00
hid
hwmon
i2c
ide
idle
ieee1394
ieee802154
infiniband
input
isdn
leds
lguest
macintosh
mca
md Merge branch 'for-linus' of git://neil.brown.name/md 2009-08-18 13:54:08 -07:00
media V4L/DVB (12441): siano: read buffer overflow 2009-08-13 20:39:14 -03:00
memstick
message
mfd
misc
mmc
mtd Remove zero-length file drivers/mtd/maps/sbc8240.c 2009-08-12 06:29:57 -04:00
net lsm: Add hooks to the TUN driver 2009-09-01 08:29:48 +10:00
nubus
of
oprofile
parisc
parport
pci Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jbarnes/pci-2.6 2009-08-10 11:00:37 -07:00
pcmcia
platform
pnp
power
pps
ps3
rapidio
regulator
rtc
s390
sbus
scsi
serial ARM: S3C64XX: serial: Fix a typo in Kconfig 2009-08-14 00:43:46 +01:00
sh
sn
spi spi_s3c24xx: fix transfer setup code 2009-08-18 16:31:13 -07:00
ssb
staging Networking: use CAP_NET_ADMIN when deciding to call request_module 2009-08-14 11:18:34 +10:00
tc
telephony
thermal
uio
usb
uwb
video sh: skip disabled LCDC channels 2009-08-15 12:58:42 +09:00
virtio
vlynq
w1
watchdog
xen
zorro
Kconfig
Makefile