Programming Languages Research Group: Git - firefly-linux-kernel-4.4.55.git/commit

author	Stephen Smalley <sds@tycho.nsa.gov>
	Mon, 5 Nov 2012 13:15:34 +0000 (08:15 -0500)
committer	Arve Hjønnevåg <arve@android.com>
	Mon, 1 Jul 2013 21:16:21 +0000 (14:16 -0700)
commit	6e6d8f546c36b161067efa5e0518f56be0200e77
tree	57f04a1e6d75c366e10e69df18e2dae091ca7954	tree \| snapshot
parent	3c7eb15c1ce0f0e22de5034bafc104e362fc33ef	commit \| diff

Add security hooks to binder and implement the hooks for SELinux.

Add security hooks to the binder and implement the hooks for SELinux.
The security hooks enable security modules such as SELinux to implement
controls over binder IPC. The security hooks include support for
controlling what process can become the binder context manager
(binder_set_context_mgr), controlling the ability of a process
to invoke a binder transaction/IPC to another process (binder_transaction),
controlling the ability a process to transfer a binder reference to
another process (binder_transfer_binder), and controlling the ability
of a process to transfer an open file to another process (binder_transfer_file).

This support is used by SE Android, http://selinuxproject.org/page/SEAndroid.

Change-Id: I9a64a87825df2e60b9c51400377af4a9cd1c4049
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

drivers/staging/android/binder.c		diff \| blob \| history
include/linux/security.h		diff \| blob \| history
security/capability.c		diff \| blob \| history
security/security.c		diff \| blob \| history
security/selinux/hooks.c		diff \| blob \| history
security/selinux/include/classmap.h		diff \| blob \| history