aha/security/smack
Paul Moore 07feee8f81 netlabel: Cleanup the Smack/NetLabel code to fix incoming TCP connections
This patch cleans up a lot of the Smack network access control code.  The
largest changes are to fix the labeling of incoming TCP connections in a
manner similar to the recent SELinux changes which use the
security_inet_conn_request() hook to label the request_sock and let the label
move to the child socket via the normal network stack mechanisms.  In addition
to the incoming TCP connection fixes this patch also removes the smk_labled
field from the socket_smack struct as the minor optimization advantage was
outweighed by the difficulty in maintaining it's proper state.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: James Morris <jmorris@namei.org>
2009-03-28 15:01:37 +11:00
..
Kconfig Smack: Simplified Mandatory Access Control Kernel 2008-02-05 09:44:20 -08:00
Makefile Smack: Simplified Mandatory Access Control Kernel 2008-02-05 09:44:20 -08:00
smack.h netlabel: Cleanup the Smack/NetLabel code to fix incoming TCP connections 2009-03-28 15:01:37 +11:00
smack_access.c smack: convert smack to standard linux lists 2009-03-26 09:17:04 +11:00
smack_lsm.c netlabel: Cleanup the Smack/NetLabel code to fix incoming TCP connections 2009-03-28 15:01:37 +11:00
smackfs.c smack: convert smack to standard linux lists 2009-03-26 09:17:04 +11:00