Eamon Walsh 58866dd566 The userspace AVC currently has refcounted SID's. This patch strips out
the refcounting under the following justifications:

1.  Managing the refcounts by calling sidput() and sidget() as
appropriate is a difficult and bug-prone task for users of the library.

2.  The userspace AVC doesn't currently make use of the refcounts to
reclaim unused SID's unless avc_cleanup() is explicitly called.

3.  The kernel itself no longer uses refcounting for its own SID's.

The implication of this change is that SID's (basically malloc'ed copies
of security contexts) will persist in the AVC's SID table until the next
call to avc_destroy().  This presents the potential for increased memory
usage, but in practice I don't believe this will be an issue.  ABI
compatibility is preserved: the avc_cleanup(), sidput(), and sidget()
calls are changed to no-ops.

Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>
2009-09-02 20:36:42 -04:00
checkpolicy bump checkpolicy to 2.0.19 2009-02-17 12:22:40 -05:00
libselinux The userspace AVC currently has refcounted SID's. This patch strips out 2009-09-02 20:36:42 -04:00
libsemanage libsemanage 2.0.36 2009-08-24 15:28:42 -04:00
libsepol libsepol 2.0.38 2009-09-01 10:03:46 -04:00
policycoreutils policycoreutils 2.0.71 2009-08-11 10:24:16 -04:00
scripts release script 2009-03-12 01:23:32 -04:00
sepolgen bump sepolgen to 1.0.17 2009-05-05 20:20:36 -04:00
Makefile initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00