linux-stable-rt/security/selinux
David P. Quigley 4249259404 VFS/Security: Rework inode_getsecurity and callers to return resulting buffer
This patch modifies the interface to inode_getsecurity to have the function
return a buffer containing the security blob and its length via parameters
instead of relying on the calling function to give it an appropriately sized
buffer.

Security blobs obtained with this function should be freed using the
release_secctx LSM hook.  This alleviates the problem of the caller having to
guess a length and preallocate a buffer for this function allowing it to be
used elsewhere for Labeled NFS.

The patch also removed the unused err parameter.  The conversion is similar to
the one performed by Al Viro for the security_getprocattr hook.

Signed-off-by: David P. Quigley <dpquigl@tycho.nsa.gov>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Chris Wright <chrisw@sous-sol.org>
Acked-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Cc: Casey Schaufler <casey@schaufler-ca.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Christoph Hellwig <hch@lst.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-02-05 09:44:20 -08:00
..
include SELinux: Allow NetLabel to directly cache SIDs 2008-01-30 08:17:27 +11:00
ss [AUDIT] add session id to audit messages 2008-02-01 14:06:51 -05:00
Kconfig SELinux: Add a capabilities bitmap to SELinux policy version 22 2008-01-30 08:17:23 +11:00
Makefile SELinux: Add a network node caching mechanism similar to the sel_netif_*() functions 2008-01-30 08:17:23 +11:00
avc.c SELinux: Only store the network interface's ifindex 2008-01-30 08:17:22 +11:00
exports.c SELinux: Enable dynamic enable/disable of the network access checks 2008-01-30 08:17:26 +11:00
hooks.c VFS/Security: Rework inode_getsecurity and callers to return resulting buffer 2008-02-05 09:44:20 -08:00
netif.c SELinux: Add warning messages on network denial due to error 2008-01-30 08:17:30 +11:00
netlabel.c SELinux: Allow NetLabel to directly cache SIDs 2008-01-30 08:17:27 +11:00
netlink.c [NET]: Support multiple network namespaces with netlink 2007-10-10 16:49:09 -07:00
netnode.c SELinux: Add warning messages on network denial due to error 2008-01-30 08:17:30 +11:00
nlmsgtab.c
selinuxfs.c [AUDIT] add session id to audit messages 2008-02-01 14:06:51 -05:00
xfrm.c SELinux: Enable dynamic enable/disable of the network access checks 2008-01-30 08:17:26 +11:00