linux-stable-rt/security/selinux
Stephen Hemminger 227b60f510 [INET]: local port range robustness
Expansion of original idea from Denis V. Lunev <den@openvz.org>

Add robustness and locking to the local_port_range sysctl.
1. Enforce that low < high when setting.
2. Use seqlock to ensure atomic update.

The locking might seem like overkill, but there are
cases where sysadmin might want to change value in the
middle of a DoS attack.

Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-10 17:30:46 -07:00
..
include
ss SELinux: correct error code in selinux_audit_rule_init 2007-08-16 11:42:28 -04:00
Kconfig
Makefile
avc.c
exports.c
hooks.c [INET]: local port range robustness 2007-10-10 17:30:46 -07:00
netif.c [NET]: Make device event notification network namespace safe 2007-10-10 16:49:09 -07:00
netlabel.c SELinux: restore proper NetLabel caching behavior 2007-08-02 11:52:21 -04:00
netlink.c [NET]: Support multiple network namespaces with netlink 2007-10-10 16:49:09 -07:00
nlmsgtab.c
selinuxfs.c
xfrm.c SELinux: null-terminate context string in selinux_xfrm_sec_ctx_alloc 2007-07-25 12:49:41 -04:00