Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / abc69bb633931bf54c6db798bcdc6fd1e0284742
commitabc69bb633931bf54c6db798bcdc6fd1e0284742[log] [tgz]
authorStephen Smalley <sds@tycho.nsa.gov>Wed May 21 14:16:12 2008 -0400
committerJames Morris <jmorris@namei.org>Mon Jul 14 15:01:52 2008 +1000
tree711aaf6c5e1d8bdd57138e8baf3a369ed832602d
parent006ebb40d3d65338bd74abb03b945f8d60e362bd [diff]
SELinux: enable processes with mac_admin to get the raw inode contexts

Enable processes with CAP_MAC_ADMIN + mac_admin permission in policy
to get undefined contexts on inodes.  This extends the support for
deferred mapping of security contexts in order to permit restorecon
and similar programs to see the raw file contexts unknown to the
system policy in order to check them.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
1 file changed
tree: 711aaf6c5e1d8bdd57138e8baf3a369ed832602d
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. fs/
  7. include/
  8. init/
  9. ipc/
  10. kernel/
  11. lib/
  12. mm/
  13. net/
  14. samples/
  15. scripts/
  16. security/
  17. sound/
  18. usr/
  19. virt/
  20. .gitignore
  21. .mailmap
  22. COPYING
  23. CREDITS
  24. Kbuild
  25. MAINTAINERS
  26. Makefile
  27. README
  28. REPORTING-BUGS