]>
Commit | Line | Data |
---|---|---|
2712d476 | 1 | diff -urN -X dontdiff linux-2.6.0-test6-mm2.orig/security/selinux/include/security.h linux-2.6.0-test6-mm2.w1/security/selinux/include/security.h |
2 | --- linux-2.6.0-test6-mm2.orig/security/selinux/include/security.h 2003-09-27 20:50:07.000000000 -0400 | |
3 | +++ linux-2.6.0-test6-mm2.w1/security/selinux/include/security.h 2003-10-03 15:06:59.901346808 -0400 | |
4 | @@ -13,6 +13,7 @@ | |
5 | #define SECCLASS_NULL 0x0000 /* no class */ | |
6 | ||
7 | #define SELINUX_MAGIC 0xf97cff8c | |
8 | +#define POLICYDB_VERSION 15 | |
9 | ||
10 | #ifdef CONFIG_SECURITY_SELINUX_BOOTPARAM | |
11 | extern int selinux_enabled; | |
12 | diff -urN -X dontdiff linux-2.6.0-test6-mm2.orig/security/selinux/selinuxfs.c linux-2.6.0-test6-mm2.w1/security/selinux/selinuxfs.c | |
13 | --- linux-2.6.0-test6-mm2.orig/security/selinux/selinuxfs.c 2003-09-27 20:51:22.000000000 -0400 | |
14 | +++ linux-2.6.0-test6-mm2.w1/security/selinux/selinuxfs.c 2003-10-03 15:04:31.579895096 -0400 | |
15 | @@ -37,7 +37,8 @@ | |
16 | SEL_ACCESS, /* compute access decision */ | |
17 | SEL_CREATE, /* compute create labeling decision */ | |
18 | SEL_RELABEL, /* compute relabeling decision */ | |
19 | - SEL_USER /* compute reachable user contexts */ | |
20 | + SEL_USER, /* compute reachable user contexts */ | |
21 | + SEL_POLICYVERS /* return policy version for this kernel */ | |
22 | }; | |
23 | ||
24 | static ssize_t sel_read_enforce(struct file *filp, char *buf, | |
25 | @@ -125,6 +126,46 @@ | |
26 | .write = sel_write_enforce, | |
27 | }; | |
28 | ||
29 | +static ssize_t sel_read_policyvers(struct file *filp, char *buf, | |
30 | + size_t count, loff_t *ppos) | |
31 | +{ | |
32 | + char *page; | |
33 | + ssize_t length; | |
34 | + ssize_t end; | |
35 | + | |
36 | + if (count < 0 || count > PAGE_SIZE) | |
37 | + return -EINVAL; | |
38 | + if (!(page = (char*)__get_free_page(GFP_KERNEL))) | |
39 | + return -ENOMEM; | |
40 | + memset(page, 0, PAGE_SIZE); | |
41 | + | |
42 | + length = snprintf(page, PAGE_SIZE, "%u", POLICYDB_VERSION); | |
43 | + if (length < 0) { | |
44 | + free_page((unsigned long)page); | |
45 | + return length; | |
46 | + } | |
47 | + | |
48 | + if (*ppos >= length) { | |
49 | + free_page((unsigned long)page); | |
50 | + return 0; | |
51 | + } | |
52 | + if (count + *ppos > length) | |
53 | + count = length - *ppos; | |
54 | + end = count + *ppos; | |
55 | + if (copy_to_user(buf, (char *) page + *ppos, count)) { | |
56 | + count = -EFAULT; | |
57 | + goto out; | |
58 | + } | |
59 | + *ppos = end; | |
60 | +out: | |
61 | + free_page((unsigned long)page); | |
62 | + return count; | |
63 | +} | |
64 | + | |
65 | +static struct file_operations sel_policyvers_ops = { | |
66 | + .read = sel_read_policyvers, | |
67 | +}; | |
68 | + | |
69 | static ssize_t sel_write_load(struct file * file, const char * buf, | |
70 | size_t count, loff_t *ppos) | |
71 | ||
72 | @@ -568,6 +609,7 @@ | |
73 | [SEL_CREATE] = {"create", &transaction_ops, S_IRUGO|S_IWUGO}, | |
74 | [SEL_RELABEL] = {"relabel", &transaction_ops, S_IRUGO|S_IWUGO}, | |
75 | [SEL_USER] = {"user", &transaction_ops, S_IRUGO|S_IWUGO}, | |
76 | + [SEL_POLICYVERS] = {"policyvers", &sel_policyvers_ops, S_IRUGO}, | |
77 | /* last one */ {""} | |
78 | }; | |
79 | return simple_fill_super(sb, SELINUX_MAGIC, selinux_files); | |
80 | diff -urN -X dontdiff linux-2.6.0-test6-mm2.orig/security/selinux/ss/policydb.h linux-2.6.0-test6-mm2.w1/security/selinux/ss/policydb.h | |
81 | --- linux-2.6.0-test6-mm2.orig/security/selinux/ss/policydb.h 2003-09-27 20:50:38.000000000 -0400 | |
82 | +++ linux-2.6.0-test6-mm2.w1/security/selinux/ss/policydb.h 2003-10-03 15:06:59.291439528 -0400 | |
83 | @@ -225,7 +225,6 @@ | |
84 | ||
85 | #define PERM_SYMTAB_SIZE 32 | |
86 | ||
87 | -#define POLICYDB_VERSION 15 | |
88 | #define POLICYDB_CONFIG_MLS 1 | |
89 | ||
90 | #define OBJECT_R "object_r" |