1
linux/net/ipv4
Darrel Goeddel c7bdb545d2 [NETLINK]: Encapsulate eff_cap usage within security framework.
This patch encapsulates the usage of eff_cap (in netlink_skb_params) within
the security framework by extending security_netlink_recv to include a required
capability parameter and converting all direct usage of eff_caps outside
of the lsm modules to use the interface.  It also updates the SELinux
implementation of the security_netlink_send and security_netlink_recv
hooks to take advantage of the sid in the netlink_skb_params struct.
This also enables SELinux to perform auditing of netlink capability checks.
Please apply, for 2.6.18 if possible.

Signed-off-by: Darrel Goeddel <dgoeddel@trustedcs.com>
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by:  James Morris <jmorris@namei.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:57:55 -07:00
..
ipvs [PATCH] sem2mutex: misc static one-file mutexes 2006-03-26 08:56:55 -08:00
netfilter [NETLINK]: Encapsulate eff_cap usage within security framework. 2006-06-29 16:57:55 -07:00
af_inet.c [NET]: Added GSO header verification 2006-06-29 16:57:53 -07:00
ah4.c [IPSEC] proto: Move transport mode input path into xfrm_mode_transport 2006-06-17 21:28:41 -07:00
arp.c [IPV4]: Possible cleanups. 2006-04-14 15:00:20 -07:00
datagram.c
devinet.c [IPV4]: Possible cleanups. 2006-04-14 15:00:20 -07:00
esp4.c [IPSEC] proto: Move transport mode input path into xfrm_mode_transport 2006-06-17 21:28:41 -07:00
fib_frontend.c [NET]: Export ip_dev_find() 2006-06-17 20:37:28 -07:00
fib_hash.c
fib_lookup.h
fib_rules.c
fib_semantics.c
fib_trie.c [FIB_TRIE]: Fix leaf freeing. 2006-04-09 22:25:23 -07:00
icmp.c [IPV4] icmp: Kill local 'ip' arg in icmp_redirect(). 2006-06-17 21:29:41 -07:00
igmp.c [IPV4] igmp: Fixup struct ip_mc_list::multiaddr type 2006-06-17 21:29:37 -07:00
inet_connection_sock.c
inet_diag.c
inet_hashtables.c [IPV4]: Possible cleanups. 2006-04-14 15:00:20 -07:00
inet_timewait_sock.c
inetpeer.c
ip_forward.c [IPV4]: Increment ipInHdrErrors when TTL expires. 2006-06-12 13:09:59 -07:00
ip_fragment.c [IPV4] ip_fragment: Always compute hash with ipfrag_lock held. 2006-04-09 22:43:55 -07:00
ip_gre.c [INET]: Use port unreachable instead of proto for tunnels 2006-04-09 22:25:29 -07:00
ip_input.c [IPV4]: Remove likely in ip_rcv_finish() 2006-05-06 18:11:39 -07:00
ip_options.c [IPV4]: ip_options_fragment() has no effect on fragmentation 2006-05-09 15:18:50 -07:00
ip_output.c [NET]: Merge TSO/UFO fields in sk_buff 2006-06-23 02:07:29 -07:00
ip_sockglue.c
ipcomp.c [NET]: Clean up skb_linearize 2006-06-17 21:30:16 -07:00
ipconfig.c
ipip.c [INET]: Move no-tunnel ICMP error to tunnel4/tunnel6 2006-04-09 22:25:25 -07:00
ipmr.c
Kconfig [TCP]: TCP Compound congestion control 2006-06-17 21:29:25 -07:00
Makefile [TCP]: TCP Probe congestion window tracing 2006-06-17 21:29:31 -07:00
multipath_drr.c
multipath_random.c
multipath_rr.c
multipath_wrandom.c
multipath.c
netfilter.c [NETFILTER]: Add address family specific checksum helpers 2006-04-09 22:25:41 -07:00
proc.c [PATCH] for_each_possible_cpu: network codes 2006-04-11 06:18:31 -07:00
protocol.c
raw.c [IPV4]: Right prototype of __raw_v4_lookup() 2006-06-17 21:29:39 -07:00
route.c [PATCH] Define __raw_get_cpu_var and use it 2006-06-25 10:01:01 -07:00
syncookies.c
sysctl_net_ipv4.c [TCP]: Add tcp_slow_start_after_idle sysctl. 2006-06-17 21:30:53 -07:00
tcp_bic.c [TCP]: Minimum congestion window consolidation. 2006-06-17 21:29:29 -07:00
tcp_compound.c [TCP]: Minimum congestion window consolidation. 2006-06-17 21:29:29 -07:00
tcp_cong.c [TCP]: Minimum congestion window consolidation. 2006-06-17 21:29:29 -07:00
tcp_cubic.c [TCP]: Minimum congestion window consolidation. 2006-06-17 21:29:29 -07:00
tcp_diag.c
tcp_highspeed.c [TCP]: Limited slow start for Highspeed TCP 2006-06-17 21:29:33 -07:00
tcp_htcp.c [TCP]: Minimum congestion window consolidation. 2006-06-17 21:29:29 -07:00
tcp_hybla.c
tcp_input.c [NET]: Merge TSO/UFO fields in sk_buff 2006-06-23 02:07:29 -07:00
tcp_ipv4.c [I/OAT]: TCP recv offload to I/OAT 2006-06-17 21:25:56 -07:00
tcp_lp.c [TCP]: TCP Low Priority congestion control 2006-06-17 21:29:21 -07:00
tcp_minisocks.c
tcp_output.c [NET]: Merge TSO/UFO fields in sk_buff 2006-06-23 02:07:29 -07:00
tcp_probe.c [TCP]: Fix compile warning in tcp_probe.c 2006-06-17 21:29:35 -07:00
tcp_scalable.c
tcp_timer.c
tcp_vegas.c
tcp_veno.c [TCP]: Minimum congestion window consolidation. 2006-06-17 21:29:29 -07:00
tcp_westwood.c [TCP] Westwood: reset RTT min after FRTO 2006-06-17 21:30:38 -07:00
tcp.c [NET]: Added GSO header verification 2006-06-29 16:57:53 -07:00
tunnel4.c [INET]: Move no-tunnel ICMP error to tunnel4/tunnel6 2006-04-09 22:25:25 -07:00
udp.c
xfrm4_input.c [IPSEC] xfrm: Abstract out encapsulation modes 2006-06-17 21:28:39 -07:00
xfrm4_mode_transport.c [IPSEC] proto: Move transport mode input path into xfrm_mode_transport 2006-06-17 21:28:41 -07:00
xfrm4_mode_tunnel.c [IPSEC] xfrm: Abstract out encapsulation modes 2006-06-17 21:28:39 -07:00
xfrm4_output.c [IPSEC]: Handle GSO packets 2006-06-23 02:07:38 -07:00
xfrm4_policy.c [IPSEC] xfrm: Undo afinfo lock proliferation 2006-06-17 21:28:37 -07:00
xfrm4_state.c [IPSEC] xfrm: Undo afinfo lock proliferation 2006-06-17 21:28:37 -07:00
xfrm4_tunnel.c [IPSEC]: Kill unused decap state argument 2006-04-01 00:52:46 -08:00