]> err.no Git - linux-2.6/commit
SELinux: Add a network node caching mechanism similar to the sel_netif_*() functions
authorPaul Moore <paul.moore@hp.com>
Tue, 29 Jan 2008 13:38:13 +0000 (08:38 -0500)
committerJames Morris <jmorris@namei.org>
Tue, 29 Jan 2008 21:17:23 +0000 (08:17 +1100)
commit224dfbd81e1ff672eb46e7695469c395bd531083
treec89c3ab606634a7174db8807b2633df8bb024b8c
parentda5645a28a15aed2e541a814ecf9f7ffcd4c4673
SELinux: Add a network node caching mechanism similar to the sel_netif_*() functions

This patch adds a SELinux IP address/node SID caching mechanism similar to the
sel_netif_*() functions.  The node SID queries in the SELinux hooks files are
also modified to take advantage of this new functionality.  In addition, remove
the address length information from the sk_buff parsing routines as it is
redundant since we already have the address family.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
security/selinux/Makefile
security/selinux/hooks.c
security/selinux/include/netnode.h [new file with mode: 0644]
security/selinux/include/objsec.h
security/selinux/netnode.c [new file with mode: 0644]