From 943ba7b8f6994e5aaef3e14ea8e01655525fc647 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Mon, 18 May 2009 10:26:10 -0400 Subject: [PATCH] --- yaml --- r: 146431 b: refs/heads/master c: 75834fc3b6fcff00327f5d2a18760c1e8e0179c5 h: refs/heads/master i: 146429: 07bcb5b0a10aec291b8cb7d5b26fa76d609603e7 146427: a81e8d264c8c9aa0621a7549fdb6543e54fdb723 146423: d49f0b14867f0a6527de4d7a553e4b26150ff297 146415: 7c5f48eca7fc423c1194aef4fcfef66d8a3f8f30 146399: 851abf47a2f26e29b7572e38df9b5af5085b856a 146367: 237ed57a602ced5f812a84b3aee7105ffcd99638 146303: b8a4aff8f6b03c2d8e0f192ec3cb9609bdb974e2 146175: 16d1fe19991aec8a7ab16eae8e85b280c646624c 145919: fb09de96e33bc36b38113f632f14317927000bbc 145407: 166de486808a60d90701b0818a1c9c31faaad02b v: v3 --- [refs] | 2 +- trunk/include/linux/magic.h | 1 + trunk/security/integrity/ima/ima_policy.c | 8 +++----- trunk/security/selinux/include/security.h | 3 +-- 4 files changed, 6 insertions(+), 8 deletions(-) diff --git a/[refs] b/[refs] index 1cbf7b331ca6..97098bf6fdc5 100644 --- a/[refs] +++ b/[refs] @@ -1,2 +1,2 @@ --- -refs/heads/master: c3d20103d08e5c0b6738fbd0acf3ca004e5356c5 +refs/heads/master: 75834fc3b6fcff00327f5d2a18760c1e8e0179c5 diff --git a/trunk/include/linux/magic.h b/trunk/include/linux/magic.h index 5b4e28bcb788..927138cf3050 100644 --- a/trunk/include/linux/magic.h +++ b/trunk/include/linux/magic.h @@ -9,6 +9,7 @@ #define DEBUGFS_MAGIC 0x64626720 #define SYSFS_MAGIC 0x62656572 #define SECURITYFS_MAGIC 0x73636673 +#define SELINUX_MAGIC 0xf97cff8c #define TMPFS_MAGIC 0x01021994 #define SQUASHFS_MAGIC 0x73717368 #define EFS_SUPER_MAGIC 0x414A53 diff --git a/trunk/security/integrity/ima/ima_policy.c b/trunk/security/integrity/ima/ima_policy.c index dec6dcb1c8de..31d677f7c65f 100644 --- a/trunk/security/integrity/ima/ima_policy.c +++ b/trunk/security/integrity/ima/ima_policy.c @@ -49,14 +49,12 @@ struct ima_measure_rule_entry { * written in terms of .action, .func, .mask, .fsmagic, and .uid */ static struct ima_measure_rule_entry default_rules[] = { - {.action = DONT_MEASURE,.fsmagic = PROC_SUPER_MAGIC, - .flags = IMA_FSMAGIC}, + {.action = DONT_MEASURE,.fsmagic = PROC_SUPER_MAGIC,.flags = IMA_FSMAGIC}, {.action = DONT_MEASURE,.fsmagic = SYSFS_MAGIC,.flags = IMA_FSMAGIC}, {.action = DONT_MEASURE,.fsmagic = DEBUGFS_MAGIC,.flags = IMA_FSMAGIC}, {.action = DONT_MEASURE,.fsmagic = TMPFS_MAGIC,.flags = IMA_FSMAGIC}, - {.action = DONT_MEASURE,.fsmagic = SECURITYFS_MAGIC, - .flags = IMA_FSMAGIC}, - {.action = DONT_MEASURE,.fsmagic = 0xF97CFF8C,.flags = IMA_FSMAGIC}, + {.action = DONT_MEASURE,.fsmagic = SECURITYFS_MAGIC,.flags = IMA_FSMAGIC}, + {.action = DONT_MEASURE,.fsmagic = SELINUX_MAGIC,.flags = IMA_FSMAGIC}, {.action = MEASURE,.func = FILE_MMAP,.mask = MAY_EXEC, .flags = IMA_FUNC | IMA_MASK}, {.action = MEASURE,.func = BPRM_CHECK,.mask = MAY_EXEC, diff --git a/trunk/security/selinux/include/security.h b/trunk/security/selinux/include/security.h index a7be3f01fb08..ca835795a8b3 100644 --- a/trunk/security/selinux/include/security.h +++ b/trunk/security/selinux/include/security.h @@ -8,14 +8,13 @@ #ifndef _SELINUX_SECURITY_H_ #define _SELINUX_SECURITY_H_ +#include #include "flask.h" #define SECSID_NULL 0x00000000 /* unspecified SID */ #define SECSID_WILD 0xffffffff /* wildcard SID */ #define SECCLASS_NULL 0x0000 /* no class */ -#define SELINUX_MAGIC 0xf97cff8c - /* Identify specific policy version changes */ #define POLICYDB_VERSION_BASE 15 #define POLICYDB_VERSION_BOOL 16