On Mon, 2006-03-20 at 15:15 -0800, Chris Wright wrote: > * Andrew Morton ([EMAIL PROTECTED]) wrote: > > Chris Wright <[EMAIL PROTECTED]> wrote: > > > Catherine, the security_sid_to_context() is a raw SELinux function which > > > crept into core code and should not have been there. The fallout fixes > > > included conditionally exporting security_sid_to_context, and finally > > > scm_send/recv unlining. > > > > Yes. So we're OK up the uninlining, right? > > Yes, although sid_to_context is meant to be analog to the other > get_peersec calls, and should really be made a proper part of the > interface (can be done later, correctness is the issue at hand).
Yes, Catherine was told that she shouldn't be directly exporting security_sid_to_context, and was allegedly working on a fix. Note however that the expected solution is not a LSM interface but a set of properly encapsulated interfaces exported directly from SELinux, based on the iptables context matching patches by James. The same style of interface is being put forth for the audit LSPP work. The indirection of LSM serves no purpose here, as these users are specifically looking for functionality provided only by SELinux. > I don't expect security_sk_sid() to be terribly expensive. It's not > an AVC check, it's just propagating a label. But I've not done any > benchmarking on that. No permission check there, but it looks like it does read lock sk_callback_lock. Not sure if that is truly justified here. -- Stephen Smalley National Security Agency - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
