linux/security/selinux
Paul Moore 03e1ad7b5d LSM: Make the Labeled IPsec hooks more stack friendly
The xfrm_get_policy() and xfrm_add_pol_expire() put some rather large structs
on the stack to work around the LSM API.  This patch attempts to fix that
problem by changing the LSM API to require only the relevant "security"
pointers instead of the entire SPD entry; we do this for all of the
security_xfrm_policy*() functions to keep things consistent.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-12 19:07:52 -07:00
..
include LSM: Make the Labeled IPsec hooks more stack friendly 2008-04-12 19:07:52 -07:00
ss NetLabel: Allow passing the LSM domain as a shared pointer 2008-04-12 19:06:42 -07:00
avc.c d_path: Use struct path in struct avc_audit_data 2008-02-14 21:17:08 -08:00
exports.c SELinux: Enable dynamic enable/disable of the network access checks 2008-01-30 08:17:26 +11:00
hooks.c selinux: handle files opened with flags 3 by checking ioctl permission 2008-04-02 16:05:52 +11:00
Kconfig SELinux: Add a capabilities bitmap to SELinux policy version 22 2008-01-30 08:17:23 +11:00
Makefile SELinux: Add a network node caching mechanism similar to the sel_netif_*() functions 2008-01-30 08:17:23 +11:00
netif.c [NET] NETNS: Omit net_device->nd_net without CONFIG_NET_NS. 2008-03-26 04:39:53 +09:00
netlabel.c SELinux: Allow NetLabel to directly cache SIDs 2008-01-30 08:17:27 +11:00
netlink.c [NET]: Support multiple network namespaces with netlink 2007-10-10 16:49:09 -07:00
netnode.c SELinux: Add warning messages on network denial due to error 2008-01-30 08:17:30 +11:00
nlmsgtab.c Audit: add TTY input auditing 2007-07-16 09:05:47 -07:00
selinuxfs.c [AUDIT] add session id to audit messages 2008-02-01 14:06:51 -05:00
xfrm.c LSM: Make the Labeled IPsec hooks more stack friendly 2008-04-12 19:07:52 -07:00