From: James Morris <[EMAIL PROTECTED]>
Date: Fri, 28 Jul 2006 00:53:30 -0400 (EDT)
> On Thu, 27 Jul 2006, Venkat Yekkirala wrote:
>
> > Signed-off-by: Venkat Yekkirala <[EMAIL PROTECTED]>
>
> Acked-by: James Morris <[EMAIL PROTECTED]>
>
> > --- NOTE: Not sure what the ideal thing to do is here.
On Thu, 27 Jul 2006, Venkat Yekkirala wrote:
> The following patch will fix the build problem (encountered by Andrew Morton)
> when SECURITY_NETWORK_XFRM is not enabled.
>
> As compared to git-net-selinux_xfrm_decode_session-build-fix.patch in -mm,
> this patch sets the return parameter sid to SE
The following patch will fix the build problem (encountered by Andrew Morton)
when SECURITY_NETWORK_XFRM is not enabled.
As compared to git-net-selinux_xfrm_decode_session-build-fix.patch in -mm,
this patch sets the return parameter sid to SECSID_NULL in
selinux_xfrm_decode_session()
and handles
This automatically labels the TCP, Unix stream, and dccp child sockets
as well as openreqs to be at the same MLS level as the peer. This will
result in the selection of appropriately labeled IPSec Security Associations.
This also uses the sock's sid (as opposed to the isec sid) in SELinux
enforc
