linux-sg2042/security
Paul Moore effad8df44 SELinux: Add network ingress and egress control permission checks
This patch implements packet ingress/egress controls for SELinux which allow
SELinux security policy to control the flow of all IPv4 and IPv6 packets into
and out of the system.  Currently SELinux does not have proper control over
forwarded packets and this patch corrects this problem.

Special thanks to Venkat Yekkirala <vyekkirala@trustedcs.com> whose earlier
work on this topic eventually led to this patch.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
2008-01-30 08:17:30 +11:00
..
keys security/selinux: constify function pointer tables and fields 2008-01-25 11:29:54 +11:00
selinux SELinux: Add network ingress and egress control permission checks 2008-01-30 08:17:30 +11:00
Kconfig Implement file posix capabilities 2007-10-17 08:43:07 -07:00
Makefile [PATCH] LSM: remove BSD secure level security module 2006-09-29 09:18:10 -07:00
capability.c Implement file posix capabilities 2007-10-17 08:43:07 -07:00
commoncap.c Fix filesystem capability support 2008-01-21 19:39:41 -08:00
dummy.c security: add a secctx_to_secid() hook 2008-01-25 11:29:53 +11:00
inode.c Kobject: convert remaining kobject_unregister() to kobject_put() 2008-01-24 20:40:40 -08:00
root_plug.c security: Convert LSM into a static interface 2007-10-17 08:43:07 -07:00
security.c security: add a secctx_to_secid() hook 2008-01-25 11:29:53 +11:00