On 1/23/2013 1:32 PM, Myklebust, Trond wrote:
On Tue, 2013-01-22 at 08:40 -0500, Steve Dickson wrote:
From: David Quigley <dpquigl@xxxxxxxxxxxxxxx>
The interface to request security labels from user space is the xattr
interface. When requesting the security label from an NFS server it is
important to make sure the requested xattr actually is a MAC label. This allows
us to make sure that we get the desired semantics from the attribute instead of
something else such as capabilities or a time based LSM.
Signed-off-by: Matthew N. Dodd <Matthew.Dodd@xxxxxxxxxx>
Signed-off-by: Miguel Rodel Felipe <Rodel_FM@xxxxxxxxxxxxxxxxx>
Signed-off-by: Phua Eu Gene <PHUA_Eu_Gene@xxxxxxxxxxxxxxxxx>
Signed-off-by: Khin Mi Mi Aung <Mi_Mi_AUNG@xxxxxxxxxxxxxxxxx>
---
include/linux/security.h | 14 ++++++++++++++
security/capability.c | 6 ++++++
security/security.c | 6 ++++++
security/selinux/hooks.c | 6 ++++++
security/smack/smack_lsm.c | 11 +++++++++++
5 files changed, 43 insertions(+)
Ditto here. We'll need Acks from James, Stephen, Eric and Casey.
Adding James Morris, Steve Smalley, and Eric Paris for an ACK. These
patches have been reviewed on the security list many times in the past
and we're just now trying to get them mainlined again. All past comments
were addressed in them.
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
