kernel_optimize_test/security/selinux
Paul Moore 0275276035 NetLabel: convert to an extensibile/sparse category bitmap
The original NetLabel category bitmap was a straight char bitmap which worked
fine for the initial release as it only supported 240 bits due to limitations
in the CIPSO restricted bitmap tag (tag type 0x01).  This patch converts that
straight char bitmap into an extensibile/sparse bitmap in order to lay the
foundation for other CIPSO tag types and protocols.

This patch also has a nice side effect in that all of the security attributes
passed by NetLabel into the LSM are now in a format which is in the host's
native byte/bit ordering which makes the LSM specific code much simpler; look
at the changes in security/selinux/ss/ebitmap.c as an example.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
2006-12-02 21:31:36 -08:00
..
include Compile fix for "peer secid consolidation for external network labeling" 2006-12-02 21:24:16 -08:00
ss NetLabel: convert to an extensibile/sparse category bitmap 2006-12-02 21:31:36 -08:00
avc.c SELinux: export object class and permission definitions 2006-11-28 12:04:36 -05:00
exports.c [PATCH] selinux: rename selinux_ctxid_to_string 2006-09-26 08:48:52 -07:00
hooks.c SELinux: peer secid consolidation for external network labeling 2006-12-02 21:24:14 -08:00
Kconfig Still more typo fixes 2006-10-03 22:36:44 +02:00
Makefile [PATCH] support for context based audit filtering 2006-05-01 06:06:24 -04:00
netif.c [PATCH] SELinux: convert to kzalloc 2005-10-30 17:37:11 -08:00
netlink.c [NETLINK]: Add "groups" argument to netlink_kernel_create 2005-08-29 16:01:11 -07:00
nlmsgtab.c [IPv6] prefix: Convert RTM_NEWPREFIX notifications to use the new netlink api 2006-12-02 21:22:45 -08:00
selinuxfs.c [PATCH] r/o bind mount prepwork: inc_nlink() helper 2006-10-01 00:39:30 -07:00
xfrm.c SELinux: peer secid consolidation for external network labeling 2006-12-02 21:24:14 -08:00