linux/security/selinux
Catherine Zhang dc49c1f94e [AF_UNIX]: Kernel memory leak fix for af_unix datagram getpeersec patch
From: Catherine Zhang <cxzhang@watson.ibm.com>

This patch implements a cleaner fix for the memory leak problem of the
original unix datagram getpeersec patch.  Instead of creating a
security context each time a unix datagram is sent, we only create the
security context when the receiver requests it.

This new design requires modification of the current
unix_getsecpeer_dgram LSM hook and addition of two new hooks, namely,
secid_to_secctx and release_secctx.  The former retrieves the security
context and the latter releases it.  A hook is required for releasing
the security context because it is up to the security module to decide
how that's done.  In the case of Selinux, it's a simple kfree
operation.

Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-08-02 14:12:06 -07:00
..
include [PATCH] SELinux: decouple fscontext/context mount options 2006-07-10 13:24:13 -07:00
ss [PATCH] selinux: fix bug in security_compute_sid 2006-07-31 13:28:38 -07:00
avc.c [PATCH] support for context based audit filtering 2006-05-01 06:06:24 -04:00
exports.c [SECMARK]: Add SELinux exports 2006-06-17 21:29:55 -07:00
hooks.c [AF_UNIX]: Kernel memory leak fix for af_unix datagram getpeersec patch 2006-08-02 14:12:06 -07:00
Kconfig [SECMARK]: Add new packet controls to SELinux 2006-06-17 21:30:05 -07:00
Makefile [PATCH] support for context based audit filtering 2006-05-01 06:06:24 -04:00
netif.c [PATCH] SELinux: convert to kzalloc 2005-10-30 17:37:11 -08:00
netlink.c [NETLINK]: Add "groups" argument to netlink_kernel_create 2005-08-29 16:01:11 -07:00
nlmsgtab.c Merge branch 'audit.b3' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current 2006-03-25 09:24:53 -08:00
selinuxfs.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
xfrm.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00