mirror of
https://github.com/topjohnwu/selinux.git
synced 2025-01-09 04:30:15 +00:00
bc2a8f418e
The attached patch adds several interfaces to reference /selinux/status according to sequential-lock logic. selinux_status_open() open the kernel status page and mmap it with read-only mode, or open netlink socket as a fallback in older kernels. Then, we can obtain status information from the mmap'ed page using selinux_status_updated(), selinux_status_getenfoce(), selinux_status_policyload() or selinux_status_deny_unknown(). It enables to help to implement userspace avc with heavy access control decision; that we cannot ignore the cost to communicate with kernel for validation of userspace caches. Signed-off-by: Steve Lawrence <slawrence@tresys.com> |
||
|---|---|---|
| .. | ||
| include | ||
| man | ||
| src | ||
| utils | ||
| .gitignore | ||
| ChangeLog | ||
| LICENSE | ||
| Makefile | ||
| VERSION | ||