This patch defines a new permission ('relabelto') in the new SELinux
packet object class, to be used when setting SECMARK rules for labeling
packets.
Signed-off-by: James Morris <[EMAIL PROTECTED]>
---
security/selinux/include/av_perm_to_string.h | 1 +
security/selinux/include/av_permissions.h | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff -purN -X dontdiff
linux-2.6.17-rc3-git7.p/security/selinux/include/av_permissions.h
linux-2.6.17-rc3-git7.w/security/selinux/include/av_permissions.h
--- linux-2.6.17-rc3-git7.p/security/selinux/include/av_permissions.h
2006-05-03 11:34:17.000000000 -0400
+++ linux-2.6.17-rc3-git7.w/security/selinux/include/av_permissions.h
2006-05-07 00:14:13.000000000 -0400
@@ -935,4 +935,4 @@
#define PACKET__SEND 0x00000001UL
#define PACKET__RECV 0x00000002UL
-
+#define PACKET__RELABELTO 0x00000004UL
diff -purN -X dontdiff
linux-2.6.17-rc3-git7.p/security/selinux/include/av_perm_to_string.h
linux-2.6.17-rc3-git7.w/security/selinux/include/av_perm_to_string.h
--- linux-2.6.17-rc3-git7.p/security/selinux/include/av_perm_to_string.h
2006-05-03 11:34:17.000000000 -0400
+++ linux-2.6.17-rc3-git7.w/security/selinux/include/av_perm_to_string.h
2006-05-07 00:14:34.000000000 -0400
@@ -241,3 +241,4 @@
S_(SECCLASS_ASSOCIATION, ASSOCIATION__SETCONTEXT, "setcontext")
S_(SECCLASS_PACKET, PACKET__SEND, "send")
S_(SECCLASS_PACKET, PACKET__RECV, "recv")
+ S_(SECCLASS_PACKET, PACKET__RELABELTO, "relabelto")
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
