Programming Languages Research Group: Git - firefly-linux-kernel-4.4.55.git/commit

author	Stephen Smalley <sds@tycho.nsa.gov>
	Mon, 5 Nov 2012 13:15:34 +0000 (08:15 -0500)
committer	Riley Andrews <riandrews@google.com>
	Tue, 13 Jan 2015 22:48:51 +0000 (22:48 +0000)
commit	c76b9f83bfc0551c065229c13c785675d6da9825
tree	de809d4edd739d261a049967ae272c82b5fae1db	tree \| snapshot
parent	ebce7cd30b3e00232c8be23d0f04d7c0599089b5	commit \| diff

Add security hooks to binder and implement the hooks for SELinux.

Add security hooks to the binder and implement the hooks for SELinux.
The security hooks enable security modules such as SELinux to implement
controls over binder IPC. The security hooks include support for
controlling what process can become the binder context manager
(binder_set_context_mgr), controlling the ability of a process
to invoke a binder transaction/IPC to another process (binder_transaction),
controlling the ability a process to transfer a binder reference to
another process (binder_transfer_binder), and controlling the ability
of a process to transfer an open file to another process (binder_transfer_file).

This support is used by SE Android, http://selinuxproject.org/page/SEAndroid.

Change-Id: I34266b66320b6a3df9ac01833d7f94daf742920e
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

drivers/android/binder.c		diff \| blob \| history
include/linux/security.h		diff \| blob \| history
security/capability.c		diff \| blob \| history
security/security.c		diff \| blob \| history
security/selinux/hooks.c		diff \| blob \| history
security/selinux/include/classmap.h		diff \| blob \| history