RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2025-02-08 21:57:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
46ed3e54b6
selinux/libsepol/include/sepol/policydb
History
Jeff Vander Stoep 99fc177b5a Add neverallow support for ioctl extended permissions 
Neverallow rules for ioctl extended permissions will pass in two
cases:
1. If extended permissions exist for the source-target-class set
   the test will pass if the neverallow values are excluded.
2. If extended permissions do not exist for the source-target-class
   set the test will pass if the ioctl permission is not granted.

Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
Acked-by:  Nick Kralevich <nnk@google.com>
Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>
2015-09-22 10:52:47 -04:00
..
avrule_block.h Allow libsepol C++ static library on device. 2015-01-20 10:31:15 -05:00
avtab.h Add neverallow support for ioctl extended permissions 2015-09-22 10:52:47 -04:00
conditional.h Allow libsepol C++ static library on device. 2015-01-20 10:31:15 -05:00
constraint.h Allow libsepol C++ static library on device. 2015-01-20 10:31:15 -05:00
context.h Allow libsepol C++ static library on device. 2015-01-20 10:31:15 -05:00
ebitmap.h libsepol: Add new ebitmap function named ebitmap_match_any() 2015-06-22 09:44:55 -04:00
expand.h Allow libsepol C++ static library on device. 2015-01-20 10:31:15 -05:00
flask_types.h Allow libsepol C++ static library on device. 2015-01-20 10:31:15 -05:00
flask.h
hashtab.h Allow libsepol C++ static library on device. 2015-01-20 10:31:15 -05:00
hierarchy.h libsepol: Refactored bounds (hierarchy) checking code 2015-06-22 09:44:55 -04:00
link.h Allow libsepol C++ static library on device. 2015-01-20 10:31:15 -05:00
mls_types.h Allow libsepol C++ static library on device. 2015-01-20 10:31:15 -05:00
module.h Allow libsepol C++ static library on device. 2015-01-20 10:31:15 -05:00
polcaps.h Allow libsepol C++ static library on device. 2015-01-20 10:31:15 -05:00
policydb.h Add neverallow support for ioctl extended permissions 2015-09-22 10:52:47 -04:00
services.h Allow libsepol C++ static library on device. 2015-01-20 10:31:15 -05:00
sidtab.h Allow libsepol C++ static library on device. 2015-01-20 10:31:15 -05:00
symtab.h Allow libsepol C++ static library on device. 2015-01-20 10:31:15 -05:00
util.h Add neverallow support for ioctl extended permissions 2015-09-22 10:52:47 -04:00