On Wed, 2011-03-02 at 14:52 -0500, Eric Paris wrote: > On Wed, 2011-03-02 at 08:58 -0500, Stephen Smalley wrote: > > On Wed, 2011-03-02 at 13:32 +0800, Harry Ciao wrote: > > > The security context for the newly created socket shares the same > > > user, role and MLS attribute as its creator but may have a different > > > type, which could be specified by a type_transition rule in the relevant > > > policy package. > > > > > > Signed-off-by: Harry Ciao <qingtao.cao@xxxxxxxxxxxxx> > > > > The patches look good to me but I think they conflict with already > > applied patches in Eric's tree: > > git clone git://git.infradead.org/users/eparis/selinux.git > > > > CC security/selinux/hooks.o > > security/selinux/hooks.c: In function âsocket_sockcreate_sidâ: > > security/selinux/hooks.c:3602:2: warning: passing argument 4 of > > âsecurity_transition_sidâ from incompatible pointer type > > security/selinux/include/security.h:111:5: note: expected âconst struct > > qstr *â but argument is of type âu32 *â > > security/selinux/hooks.c:3602:2: error: too few arguments to function > > âsecurity_transition_sidâ > > security/selinux/include/security.h:111:5: note: declared here > > security/selinux/hooks.c:3603:1: warning: control reaches end of > > non-void function > > make[2]: *** [security/selinux/hooks.o] Error 1 > > > > I think Eric changed the security_transition_sid interface to support > > type_transitions based on last component name, so you'd need to adjust > > your patches accordingly. > > > > Patches for SELinux now go in via Eric's tree and then on to James' > > tree. > > I actually fixed up your patch and pushed them to a new branch for > review. If people are happy I will merge them and send them along > towards Linus. > > http://git.infradead.org/users/eparis/selinux.git/shortlog/refs/heads/socket-labeling Looks good, thanks. -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
