| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 12 Apr 2017 18:12:15 +0900
From: Sebastien Buisson <sbuisson.ddn@...il.com>
To: linux-security-module@...r.kernel.org,
linux-kernel@...r.kernel.org, selinux@...ho.nsa.gov
Cc: serge@...lyn.com, james.l.morris@...cle.com, eparis@...isplace.org,
sds@...ho.nsa.gov, paul@...l-moore.com,
Sebastien Buisson <sbuisson@....com>
Subject: [PATCH] selinux: add selinux_status_get_seq() function
Add selinux_status_get_seq() function to give access to sequence
number of current SELinux policy loaded to the rest of the kernel.
Signed-off-by: Sebastien Buisson <sbuisson@....com>
---
include/linux/selinux.h | 7 +++++++
security/selinux/ss/status.c | 21 +++++++++++++++++++++
2 files changed, 28 insertions(+)
diff --git a/include/linux/selinux.h b/include/linux/selinux.h
index 44f4596..926f9f0 100644
--- a/include/linux/selinux.h
+++ b/include/linux/selinux.h
@@ -24,12 +24,19 @@
* selinux_is_enabled - is SELinux enabled?
*/
bool selinux_is_enabled(void);
+u32 selinux_status_get_seq(void);
#else
static inline bool selinux_is_enabled(void)
{
return false;
}
+
+static inline u32 selinux_status_get_seq(void)
+{
+ return 0;
+}
+
#endif /* CONFIG_SECURITY_SELINUX */
#endif /* _LINUX_SELINUX_H */
diff --git a/security/selinux/ss/status.c b/security/selinux/ss/status.c
index d982365..a0670d3 100644
--- a/security/selinux/ss/status.c
+++ b/security/selinux/ss/status.c
@@ -124,3 +124,24 @@ void selinux_status_update_policyload(int seqno)
}
mutex_unlock(&selinux_status_lock);
}
+
+/*
+ * selinux_status_get_seq
+ *
+ * It gets current sequence of policy loaded.
+ */
+u32 selinux_status_get_seq(void)
+{
+ struct selinux_kernel_status *status;
+ u32 seq = 0;
+
+ mutex_lock(&selinux_status_lock);
+ if (selinux_status_page) {
+ status = page_address(selinux_status_page);
+ seq = status->sequence;
+ }
+ mutex_unlock(&selinux_status_lock);
+
+ return seq;
+}
+EXPORT_SYMBOL_GPL(selinux_status_get_seq);
--
1.8.3.1
Powered by blists - more mailing lists