linux/drivers
Paul Moore 2b980dbd77 lsm: Add hooks to the TUN driver
The TUN driver lacks any LSM hooks which makes it difficult for LSM modules,
such as SELinux, to enforce access controls on network traffic generated by
TUN users; this is particularly problematic for virtualization apps such as
QEMU and KVM.  This patch adds three new LSM hooks designed to control the
creation and attachment of TUN devices, the hooks are:

 * security_tun_dev_create()
   Provides access control for the creation of new TUN devices

 * security_tun_dev_post_create()
   Provides the ability to create the necessary socket LSM state for newly
   created TUN devices

 * security_tun_dev_attach()
   Provides access control for attaching to existing, persistent TUN devices
   and the ability to update the TUN device's socket LSM state as necessary

Signed-off-by: Paul Moore <paul.moore@hp.com>
Acked-by: Eric Paris <eparis@parisplace.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: James Morris <jmorris@namei.org>
2009-09-01 08:29:48 +10:00
..
accessibility
acpi Merge branch 'misc-2.6.31' into release 2009-08-02 12:55:51 -04:00
amba [ARM] amba: fix amba device resources 2009-07-05 22:39:08 +01:00
ata ahci: add workaround for on-board 5723s on some gigabyte boards 2009-08-12 06:21:32 -04:00
atm
auxdisplay
base PM / Driver Core: Kill dev_pm_ops platform warning for now 2009-08-10 23:41:18 +02:00
block mg_disk: Add missing ready status check on mg_write() 2009-07-28 08:57:33 +02:00
bluetooth headers: smp_lock.h redux 2009-07-12 12:22:34 -07:00
cdrom
char pty: fix data loss when stopped (^S/^Q) 2009-08-10 13:31:18 -07:00
clocksource sh: CMT suspend/resume 2009-08-15 12:58:45 +09:00
connector connector: maintainer/mail update. 2009-07-21 12:43:51 -07:00
cpufreq [CPUFREQ] Make cpufreq suspend code conditional on powerpc. 2009-08-04 14:32:11 -04:00
cpuidle
crypto
dca
dio
dma Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/djbw/async_tx 2009-07-30 16:46:31 -07:00
edac amd64_edac: print debug statements only on error 2009-08-04 12:10:06 +02:00
eisa
firewire Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394-2.6 2009-07-06 14:03:44 -07:00
firmware
gpio headers: smp_lock.h redux 2009-07-12 12:22:34 -07:00
gpu drm/kms: teardown crtc correctly when fb is destroyed. 2009-08-19 14:11:34 +10:00
hid Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid 2009-07-22 09:30:07 -07:00
hwmon hwmon: (asus_atk0110) Fix upper limit readings 2009-07-28 16:31:39 +02:00
i2c i2c-omap: OMAP3430 Silicon Errata 1.153 2009-07-30 01:03:24 +01:00
ide ide-tape: Don't leak kernel stack information 2009-07-21 20:36:25 -07:00
idle
ieee1394 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394-2.6 2009-07-06 14:03:44 -07:00
ieee802154
infiniband Merge branches 'ehca', 'misc', 'mlx4', 'mthca' and 'nes' into for-linus 2009-06-23 10:38:47 -07:00
input Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2009-08-07 10:42:14 -07:00
isdn Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2009-08-04 15:38:34 -07:00
leds Update Yoichi Yuasa's e-mail address 2009-07-03 15:45:29 +01:00
lguest lguest and virtio: cleanup struct definitions to Linux style. 2009-07-30 16:03:46 +09:30
macintosh powerpc/pmac: Fix DMA ops for MacIO devices 2009-06-26 14:37:25 +10:00
mca
md Merge branch 'for-linus' of git://neil.brown.name/md 2009-08-18 13:54:08 -07:00
media V4L/DVB (12441): siano: read buffer overflow 2009-08-13 20:39:14 -03:00
memstick
message fusion: mptsas, fix lock imbalance 2009-06-22 08:54:14 -05:00
mfd mfd: twl4030 irq fixes 2009-08-04 20:31:32 +02:00
misc cb710: use SG_MITER_TO_SG/SG_MITER_FROM_SG 2009-07-31 12:28:46 +02:00
mmc drivers/mmc: correct error-handling code 2009-08-07 10:39:56 -07:00
mtd Remove zero-length file drivers/mtd/maps/sbc8240.c 2009-08-12 06:29:57 -04:00
net lsm: Add hooks to the TUN driver 2009-09-01 08:29:48 +10:00
nubus
of of/mdio: Add support function for Ethernet fixed-link property 2009-07-22 09:27:18 -07:00
oprofile oprofile: reset bt_lost_no_mapping with other stats 2009-07-10 12:35:36 +02:00
parisc parisc: hppb.c - fix printk format strings 2009-08-02 15:42:39 +02:00
parport parport/serial: add support for NetMos 9901 Multi-IO card 2009-06-30 18:55:59 -07:00
pci Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jbarnes/pci-2.6 2009-08-10 11:00:37 -07:00
pcmcia Remove multiple KERN_ prefixes from printk formats 2009-07-08 10:30:03 -07:00
platform Merge branch 'bugzilla-13825' into release 2009-08-02 12:36:01 -04:00
pnp Merge branches 'acerhdf', 'acpi-pci-bind', 'bjorn-pci-root', 'bugzilla-12904', 'bugzilla-13121', 'bugzilla-13396', 'bugzilla-13533', 'bugzilla-13612', 'c3_lock', 'hid-cleanups', 'misc-2.6.31', 'pdc-leak-fix', 'pnpacpi', 'power_nocheck', 'thinkpad_acpi', 'video' and 'wmi' into release 2009-06-24 01:19:50 -04:00
power Merge git://git.infradead.org/users/cbou/battery-2.6.31 2009-07-30 16:45:53 -07:00
pps
ps3
rapidio
regulator
rtc rtc: mark if rtc-cmos drivers were successfully registered 2009-07-29 19:10:35 -07:00
s390 Merge git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-rc-fixes-2.6 2009-08-04 15:38:10 -07:00
sbus
scsi Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2009-08-04 15:38:34 -07:00
serial ARM: S3C64XX: serial: Fix a typo in Kconfig 2009-08-14 00:43:46 +01:00
sh
sn
spi spi_s3c24xx: fix transfer setup code 2009-08-18 16:31:13 -07:00
ssb Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2009-07-09 20:33:18 -07:00
staging Networking: use CAP_NET_ADMIN when deciding to call request_module 2009-08-14 11:18:34 +10:00
tc
telephony headers: smp_lock.h redux 2009-07-12 12:22:34 -07:00
thermal
uio
usb USB: fix oops on disconnect in cdc-acm 2009-08-07 16:05:14 -07:00
uwb
video sh: skip disabled LCDC channels 2009-08-15 12:58:42 +09:00
virtio virtio: refactor find_vqs 2009-07-30 16:03:45 +09:30
vlynq vlynq: fix typo in Kconfig to enable debugging 2009-07-06 13:57:03 -07:00
w1 drivers/w1/masters/omap_hdq.c: fix missing mutex unlock 2009-08-07 10:39:55 -07:00
watchdog Merge master.kernel.org:/home/rmk/linux-2.6-arm 2009-08-07 10:46:51 -07:00
xen xen: Use kcalloc() in xen_init_IRQ() 2009-07-01 11:19:47 +02:00
zorro
Kconfig
Makefile