Начало Каталог Помощ
Регистрация Вход
phyus
/
linux-vybrid_public
8
0
Разклонения 0
Файлове Задачи 0 Заявки за сливане 0 Уики
Преглед на файлове

SELinux: move SELINUX_MAGIC into magic.h

The selinuxfs superblock magic is used inside the IMA code, but is being
defined in two places and could someday get out of sync.  This patch moves the
declaration into magic.h so it is only done once.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
Eric Paris преди 16 години
родител
c3d20103d0
ревизия
75834fc3b6
променени са 3 файла, в които са добавени 5 реда и са изтрити 7 реда
Обединен изглед Покажи статистика за разликите
  1. 1 0
      include/linux/magic.h
  2. 3 5
      security/integrity/ima/ima_policy.c
  3. 1 2
      security/selinux/include/security.h

+ 1 - 0
include/linux/magic.h
Целия файл 

@@ -9,6 +9,7 @@
 
 #define DEBUGFS_MAGIC          0x64626720
 
 #define DEBUGFS_MAGIC          0x64626720
 
 #define SYSFS_MAGIC		0x62656572
 
 #define SYSFS_MAGIC		0x62656572
 
 #define SECURITYFS_MAGIC	0x73636673
 
 #define SECURITYFS_MAGIC	0x73636673
 
+#define SELINUX_MAGIC		0xf97cff8c
 
 #define TMPFS_MAGIC		0x01021994
 
 #define TMPFS_MAGIC		0x01021994
 
 #define SQUASHFS_MAGIC		0x73717368
 
 #define SQUASHFS_MAGIC		0x73717368
 
 #define EFS_SUPER_MAGIC		0x414A53
 
 #define EFS_SUPER_MAGIC		0x414A53

+ 3 - 5
security/integrity/ima/ima_policy.c
Целия файл 

@@ -49,14 +49,12 @@ struct ima_measure_rule_entry {
 
  * written in terms of .action, .func, .mask, .fsmagic, and .uid
 
  * written in terms of .action, .func, .mask, .fsmagic, and .uid
 
  */
 
  */
 
 static struct ima_measure_rule_entry default_rules[] = {
 
 static struct ima_measure_rule_entry default_rules[] = {
 
-	{.action = DONT_MEASURE,.fsmagic = PROC_SUPER_MAGIC,
 
-	 .flags = IMA_FSMAGIC},
 
+	{.action = DONT_MEASURE,.fsmagic = PROC_SUPER_MAGIC,.flags = IMA_FSMAGIC},
 
 	{.action = DONT_MEASURE,.fsmagic = SYSFS_MAGIC,.flags = IMA_FSMAGIC},
 
 	{.action = DONT_MEASURE,.fsmagic = SYSFS_MAGIC,.flags = IMA_FSMAGIC},
 
 	{.action = DONT_MEASURE,.fsmagic = DEBUGFS_MAGIC,.flags = IMA_FSMAGIC},
 
 	{.action = DONT_MEASURE,.fsmagic = DEBUGFS_MAGIC,.flags = IMA_FSMAGIC},
 
 	{.action = DONT_MEASURE,.fsmagic = TMPFS_MAGIC,.flags = IMA_FSMAGIC},
 
 	{.action = DONT_MEASURE,.fsmagic = TMPFS_MAGIC,.flags = IMA_FSMAGIC},
 
-	{.action = DONT_MEASURE,.fsmagic = SECURITYFS_MAGIC,
 
-	 .flags = IMA_FSMAGIC},
 
-	{.action = DONT_MEASURE,.fsmagic = 0xF97CFF8C,.flags = IMA_FSMAGIC},
 
+	{.action = DONT_MEASURE,.fsmagic = SECURITYFS_MAGIC,.flags = IMA_FSMAGIC},
 
+	{.action = DONT_MEASURE,.fsmagic = SELINUX_MAGIC,.flags = IMA_FSMAGIC},
 
 	{.action = MEASURE,.func = FILE_MMAP,.mask = MAY_EXEC,
 
 	{.action = MEASURE,.func = FILE_MMAP,.mask = MAY_EXEC,
 
 	 .flags = IMA_FUNC | IMA_MASK},
 
 	 .flags = IMA_FUNC | IMA_MASK},
 
 	{.action = MEASURE,.func = BPRM_CHECK,.mask = MAY_EXEC,
 
 	{.action = MEASURE,.func = BPRM_CHECK,.mask = MAY_EXEC,

+ 1 - 2
security/selinux/include/security.h
Целия файл 

@@ -8,14 +8,13 @@
 
 #ifndef _SELINUX_SECURITY_H_
 
 #ifndef _SELINUX_SECURITY_H_
 
 #define _SELINUX_SECURITY_H_
 
 #define _SELINUX_SECURITY_H_
 
 
 
+#include <linux/magic.h>
 
 #include "flask.h"
 
 #include "flask.h"
 
 
 
 #define SECSID_NULL			0x00000000 /* unspecified SID */
 
 #define SECSID_NULL			0x00000000 /* unspecified SID */
 
 #define SECSID_WILD			0xffffffff /* wildcard SID */
 
 #define SECSID_WILD			0xffffffff /* wildcard SID */
 
 #define SECCLASS_NULL			0x0000 /* no class */
 
 #define SECCLASS_NULL			0x0000 /* no class */
 
 
 
-#define SELINUX_MAGIC 0xf97cff8c
 
-
 
 /* Identify specific policy version changes */
 
 /* Identify specific policy version changes */
 
 #define POLICYDB_VERSION_BASE		15
 
 #define POLICYDB_VERSION_BASE		15
 
 #define POLICYDB_VERSION_BOOL		16
 
 #define POLICYDB_VERSION_BOOL		16