On Thursday, May 11, 2017, Tom Cherry via Selinux
wrote:
> This check is not specific to Android devices. If libselinux were used
> with Bionic on a normal Linux system this check would still be needed.
>
> Signed-off-by: Tom Cherry >
>
This check is not specific to Android devices. If libselinux were used
with Bionic on a normal Linux system this check would still be needed.
Signed-off-by: Tom Cherry
---
libselinux/src/procattr.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git
On 5/11/2017 1:22 PM, Stephen Smalley wrote:
> On Thu, 2017-05-11 at 08:56 -0700, Casey Schaufler wrote:
>> On 5/11/2017 5:59 AM, Sebastien Buisson wrote:
>>> Add policybrief field to struct policydb. It holds a brief info
>>> of the policydb, in the following form:
>>> <0 or 1 for enforce>:<0 or
On Thu, 2017-05-11 at 08:56 -0700, Casey Schaufler wrote:
> On 5/11/2017 5:59 AM, Sebastien Buisson wrote:
> > Add policybrief field to struct policydb. It holds a brief info
> > of the policydb, in the following form:
> > <0 or 1 for enforce>:<0 or 1 for checkreqprot>:=
> > Policy brief is
On 5/11/2017 5:59 AM, Sebastien Buisson wrote:
> Add policybrief field to struct policydb. It holds a brief info
> of the policydb, in the following form:
> <0 or 1 for enforce>:<0 or 1 for checkreqprot>:=
> Policy brief is computed every time the policy is loaded, and when
> enforce or
On 5/10/2017 2:05 PM, Stephen Smalley wrote:
> On Tue, 2017-05-09 at 23:50 +0300, Dan Jurgens wrote:
>> From: Daniel Jurgens
>>
>> --- a/libsepol/include/sepol/policydb/services.h
>> +++ b/libsepol/include/sepol/policydb/services.h
>> @@ -199,6 +199,16 @@ extern int
Like I mentioned for patch 2, kernel_to_cil.c and kernel_to_conf.c need to be
updated.
Jim
On 05/09/2017 04:50 PM, Dan Jurgens wrote:
From: Daniel Jurgens
Add support for reading, writing, and copying IB end port ocontext data.
Also add support for querying a IB end
libsepol now has the functionality to write cil or a policy.conf from a kernel
policy, so kernel_to_cil.c and kernel_to_conf.c need to be updated as well.
Doing that shouldn't be any more complicated than what was done for module_to_c.
Jim
On 05/09/2017 04:50 PM, Dan Jurgens wrote:
From:
On Thu, 2017-05-11 at 21:59 +0900, Sebastien Buisson wrote:
> Add policybrief field to struct policydb. It holds a brief info
> of the policydb, in the following form:
> <0 or 1 for enforce>:<0 or 1 for checkreqprot>:=
> Policy brief is computed every time the policy is loaded, and when
> enforce
2017-05-05 20:33 GMT+02:00 Casey Schaufler :
> How do you see policy_brief being used by a modules
> with dynamic policy?
Policy's brief is computed on the binary representation every time the
policy is loaded, and when enforce or checkreqprot are changed. It
should not be
Expose policy brief via selinuxfs.
Signed-off-by: Sebastien Buisson
---
security/selinux/selinuxfs.c | 26 ++
1 file changed, 26 insertions(+)
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index 8c9f5b7..50f69c5 100644
---
Add policybrief field to struct policydb. It holds a brief info
of the policydb, in the following form:
<0 or 1 for enforce>:<0 or 1 for checkreqprot>:=
Policy brief is computed every time the policy is loaded, and when
enforce or checkreqprot are changed.
Add security_policy_brief hook to give
12 matches
Mail list logo