]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9ebaa07) | patch
selinux: allow per-file labeling for cgroupfs
authorAntonio Murdaca <runcom@redhat.com>
Thu, 9 Feb 2017 16:02:42 +0000 (17:02 +0100)
committerPaul Moore <paul@paul-moore.com>
Tue, 22 Aug 2017 19:38:18 +0000 (15:38 -0400)
commite0ea090d0488eba1d2b63b4f8f745e3d6a436ca1
treeb09c7e1bb1705c4db7dd5468b19fb7f243aa37b6tree | snapshot
parent9ebaa0791a3c8e1593d2d68b5914f299cfbc8160commit | diff
selinux: allow per-file labeling for cgroupfs

This patch allows genfscon per-file labeling for cgroupfs. For instance,
this allows to label the "release_agent" file within each
cgroup mount and limit writes to it.

Signed-off-by: Antonio Murdaca <amurdaca@redhat.com>
[PM: subject line and merge tweaks]
Signed-off-by: Paul Moore <paul@paul-moore.com>
security/selinux/hooks.c diff | blob | history
Linux Kernel Source Tree.