1
linux/include/net
Paul Moore 07feee8f81 netlabel: Cleanup the Smack/NetLabel code to fix incoming TCP connections
This patch cleans up a lot of the Smack network access control code.  The
largest changes are to fix the labeling of incoming TCP connections in a
manner similar to the recent SELinux changes which use the
security_inet_conn_request() hook to label the request_sock and let the label
move to the child socket via the normal network stack mechanisms.  In addition
to the incoming TCP connection fixes this patch also removes the smk_labled
field from the socket_smack struct as the minor optimization advantage was
outweighed by the difficulty in maintaining it's proper state.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: James Morris <jmorris@namei.org>
2009-03-28 15:01:37 +11:00
..
9p 9p: fix sparse warnings 2008-10-22 18:54:47 -05:00
bluetooth Bluetooth: Ask upper layers for HCI disconnect reason 2009-02-27 06:14:43 +01:00
irda irda: Add irda_skb_cb qdisc related padding 2008-12-17 15:44:58 -08:00
iucv [S390] iucv: Locking free version of iucv_message_(receive|send) 2008-12-25 13:39:04 +01:00
netfilter Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-next-2.6 2009-03-26 22:45:23 -07:00
netns netfilter: nf_conntrack: use SLAB_DESTROY_BY_RCU and get rid of call_rcu() 2009-03-25 21:05:46 +01:00
phonet Phonet: use per-namespace devices list 2009-01-26 21:03:35 -08:00
sctp sctp: Clean up TEST_FRAME hacks. 2009-03-21 13:41:09 -07:00
tc_act
tipc
act_api.h
addrconf.h ipv6: Fix conflict resolutions during ipv6 binding 2009-03-24 19:49:11 -07:00
af_rxrpc.h
af_unix.h net: Fix soft lockups/OOM issues w/ unix garbage collector 2008-11-26 15:32:27 -08:00
ah.h
arp.h
atmclip.h clip: convert to internal network_device_stats 2009-01-21 14:01:59 -08:00
ax25.h
ax88796.h ax88796: Add method to take MAC from platform data 2009-03-24 23:32:03 -07:00
cfg80211.h cfg80211: add feature to hold bss 2009-03-27 20:13:13 -04:00
checksum.h include/net net/ - csum_partial - remove unnecessary casts 2008-11-19 15:44:53 -08:00
cipso_ipv4.h netlabel: Label incoming TCP connections correctly in SELinux 2009-03-28 15:01:36 +11:00
compat.h
datalink.h
dcbnl.h net: fix DCB setstate to return success/failure 2008-12-21 20:09:50 -08:00
dn_dev.h
dn_fib.h decnet: remove private wrappers of endian helpers 2008-11-27 00:12:47 -08:00
dn_neigh.h
dn_nsp.h
dn_route.h
dn.h decnet: compile fix for removal of byteorder wrapper 2008-11-27 23:04:13 -08:00
dsa.h dsa: add switch chip cascading support 2009-03-21 19:06:54 -07:00
dsfield.h
dst.h netns xfrm: lookup in netns 2008-11-25 17:35:18 -08:00
esp.h
ethoc.h net: Add support for the OpenCores 10/100 Mbps Ethernet MAC. 2009-03-27 00:16:21 -07:00
fib_rules.h
flow.h netns xfrm: lookup in netns 2008-11-25 17:35:18 -08:00
garp.h
gen_stats.h pkt_sched: gen_estimator: Optimize gen_estimator_active() 2008-11-26 15:24:32 -08:00
genetlink.h
icmp.h
ieee80211_radiotap.h wireless: radiotap updates 2009-03-27 20:12:52 -04:00
if_inet6.h ipv6: reorder struct inet6_ifaddr to remove padding on 64 bit builds 2009-03-21 13:29:05 -07:00
inet6_connection_sock.h
inet6_hashtables.h
inet_common.h
inet_connection_sock.h
inet_ecn.h net: replace __constant_{endian} uses in net headers 2009-02-14 22:58:35 -08:00
inet_frag.h inet fragments: fix sparse warning: context imbalance 2009-02-26 23:13:35 -08:00
inet_hashtables.h net: move bsockets outside of read only beginning of struct inet_hashinfo 2009-02-01 12:31:33 -08:00
inet_sock.h
inet_timewait_sock.h net: Convert TCP & DCCP hash tables to use RCU / hlist_nulls 2008-11-16 19:40:17 -08:00
inetpeer.h
ip6_checksum.h
ip6_fib.h
ip6_route.h
ip6_tunnel.h
ip_fib.h
ip_vs.h net: replace __constant_{endian} uses in net headers 2009-02-14 22:58:35 -08:00
ip.h ip: support for TX timestamps on UDP and RAW sockets 2009-02-15 22:43:38 -08:00
ipcomp.h
ipconfig.h
ipip.h
ipv6.h net: replace __constant_{endian} uses in net headers 2009-02-14 22:58:35 -08:00
ipx.h net: replace __constant_{endian} uses in net headers 2009-02-14 22:58:35 -08:00
iw_handler.h
lapb.h
lib80211.h wireless: missing include in lib80211.h 2008-11-21 11:42:55 -05:00
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h
llc_if.h
llc_pdu.h
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
llc.h
mac80211.h mac80211/iwlwifi: move virtual A-MDPU queue bookkeeping to iwlwifi 2009-03-27 20:13:23 -04:00
mip6.h
ndisc.h ipv6: Fix sporadic sendmsg -EINVAL when sending to multicast groups. 2009-01-04 16:04:39 -08:00
neighbour.h net: Cleanup of neighbour code 2008-11-12 00:54:54 -08:00
net_namespace.h netns: Remove net_alive 2009-03-03 01:14:27 -08:00
netdma.h net_dma: convert to dma_find_channel 2009-01-06 11:38:15 -07:00
netevent.h
netlabel.h netlabel: Cleanup the Smack/NetLabel code to fix incoming TCP connections 2009-03-28 15:01:37 +11:00
netlink.h netlink: add nla_policy_len() 2009-03-25 18:26:30 +01:00
netrom.h netrom: convert to internal net_device_stats 2009-01-21 14:02:01 -08:00
nexthop.h
p8022.h
pkt_cls.h ematch: simpler tcf_em_unregister() 2008-11-16 23:01:49 -08:00
pkt_sched.h pkt_sched: sch_hfsc: sch_htb: Add non-work-conserving warning handler. 2009-02-01 01:12:42 -08:00
protocol.h ipv6: Add GRO support 2009-01-08 10:40:57 -08:00
psnap.h snap: use const for descriptor 2009-03-21 19:06:50 -07:00
raw.h
rawv6.h
red.h
request_sock.h net: Fix memory leak in the proto_register function 2008-11-21 16:45:22 -08:00
rose.h
route.h
rtnetlink.h
sch_generic.h net: reorder struct Qdisc for better SMP performance 2009-03-20 01:33:32 -07:00
scm.h Merge branch 'master' into next 2008-11-14 11:29:12 +11:00
slhc_vj.h
snmp.h
sock.h Merge branch 'master' of /home/davem/src/GIT/linux-2.6/ 2009-02-24 03:50:29 -08:00
stp.h
tcp_states.h
tcp.h tcp: simplify tcp_current_mss 2009-03-15 20:09:54 -07:00
timewait_sock.h net: Fix memory leak in the proto_register function 2008-11-21 16:45:22 -08:00
transp_v6.h net: replace __constant_{endian} uses in net headers 2009-02-14 22:58:35 -08:00
udp.h ipv6: Fix conflict resolutions during ipv6 binding 2009-03-24 19:49:11 -07:00
udplite.h udp: introduce struct udp_table and multiple spinlocks 2008-10-29 01:41:45 -07:00
wext.h
wimax.h wimax: fix typo in kernel-doc for debugfs_dentry in struct wimax_dev 2009-01-11 00:06:32 -08:00
wireless.h cfg80211: Add AP beacon regulatory hints 2009-02-27 14:52:59 -05:00
x25.h
x25device.h
xfrm.h netns xfrm: per-netns sysctls 2008-11-25 18:00:48 -08:00