Eric Paris a5dda68332 SELinux: check seqno when updating an avc_node ... The avc update node callbacks do not check the seqno of the caller with the seqno of the node found. It is possible that a policy change could happen (although almost impossibly unlikely) in which a permissive or permissive_domain decision is not valid for the entry found. Simply pass and check that the seqno of the caller and the seqno of the node found match. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>		2009-02-14 09:22:34 +11:00
..
include	SELinux: Add new security mount option to indicate security label support.	2009-01-19 09:47:06 +11:00
ss	Merge branch 'next' into for-linus	2009-01-07 09:58:22 +11:00
avc.c	SELinux: check seqno when updating an avc_node	2009-02-14 09:22:34 +11:00
exports.c	CRED: Wrap current->cred and a few other accessors	2008-11-14 10:39:18 +11:00
hooks.c	SELinux: NULL terminate al contexts from disk	2009-02-14 09:22:30 +11:00
Kconfig	selinux: Deprecate and schedule the removal of the the compat_net functionality	2008-12-31 12:54:11 -05:00
Makefile	SELinux: Add network port SID cache	2008-04-18 20:26:16 +10:00
netif.c	SELinux fixups needed for preemptable RCU from -rt	2008-04-22 15:37:23 +10:00
netlabel.c	selinux: Cache NetLabel secattrs in the socket's security struct	2008-10-10 10:16:33 -04:00
netlink.c	SELinux: netlink.c whitespace, syntax, and static declaraction cleanups	2008-04-21 19:05:05 +10:00
netnode.c	SELinux: keep the code clean formating and syntax	2008-07-14 15:01:36 +10:00
netport.c	SELinux: keep the code clean formating and syntax	2008-07-14 15:01:36 +10:00
nlmsgtab.c	selinux: recognize netlink messages for 'ip addrlabel'	2008-11-06 07:08:36 +08:00
selinuxfs.c	Merge branch 'next' into for-linus	2009-01-07 09:58:22 +11:00
xfrm.c	CRED: Wrap current->cred and a few other accessors	2008-11-14 10:39:18 +11:00