On 1/23/2013 1:36 PM, Myklebust, Trond wrote:
On Tue, 2013-01-22 at 08:40 -0500, Steve Dickson wrote:
From: David Quigley <dpquigl@xxxxxxxxxxxxxxx>
There currently doesn't exist a labeling type that is adequate for use with
labeled NFS. Since NFS doesn't really support xattrs we can't use the use xattr
labeling behavior. For this we developed a new labeling type. The native
labeling type is used solely by NFS to ensure NFS inodes are labeled at runtime
by the NFS code instead of relying on the SELinux security server on the client
end.
Signed-off-by: Matthew N. Dodd <Matthew.Dodd@xxxxxxxxxx>
Signed-off-by: Miguel Rodel Felipe <Rodel_FM@xxxxxxxxxxxxxxxxx>
Signed-off-by: Phua Eu Gene <PHUA_Eu_Gene@xxxxxxxxxxxxxxxxx>
Signed-off-by: Khin Mi Mi Aung <Mi_Mi_AUNG@xxxxxxxxxxxxxxxxx>
---
include/linux/security.h | 3 +++
security/selinux/hooks.c | 35 ++++++++++++++++++++++++++---------
security/selinux/include/security.h | 2 ++
security/selinux/ss/policydb.c | 5 ++++-
4 files changed, 35 insertions(+), 10 deletions(-)
...OK. You get the drift... :-)
Adding James Morris, Steve Smalley, and Eric Paris for an ACK. These
patches have been reviewed on the security list many times in the past
and we're just now trying to get them mainlined again. All past comments
were addressed in them.
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
