diff options
| author | Brian Norris <computersforpeace@gmail.com> | 2014-08-19 11:57:23 -0700 |
|---|---|---|
| committer | Brian Norris <computersforpeace@gmail.com> | 2014-08-19 11:57:23 -0700 |
| commit | 5b49ab3e03f68eb49db4bce6290e5707b7f6c6f3 (patch) | |
| tree | 090c7c069bc6c0f2b368ed8d0af861c275525411 /security/selinux/hooks.c | |
| parent | b25046b1e5e3f1423434da77ccc859f2f779d1ce (diff) | |
| parent | 54ea17a597b00e46b3720e75dd7595cd5dfa5670 (diff) | |
| download | linux-stable-5b49ab3e03f68eb49db4bce6290e5707b7f6c6f3.tar.gz linux-stable-5b49ab3e03f68eb49db4bce6290e5707b7f6c6f3.tar.bz2 linux-stable-5b49ab3e03f68eb49db4bce6290e5707b7f6c6f3.zip | |
Merge l2-mtd/next into l2-mtd/master
Diffstat (limited to 'security/selinux/hooks.c')
| -rw-r--r-- | security/selinux/hooks.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 83d06db34d03..b0e940497e23 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -161,6 +161,17 @@ static int selinux_peerlbl_enabled(void) return (selinux_policycap_alwaysnetwork || netlbl_enabled() || selinux_xfrm_enabled()); } +static int selinux_netcache_avc_callback(u32 event) +{ + if (event == AVC_CALLBACK_RESET) { + sel_netif_flush(); + sel_netnode_flush(); + sel_netport_flush(); + synchronize_net(); + } + return 0; +} + /* * initialise the security for the init task */ @@ -5993,6 +6004,9 @@ static __init int selinux_init(void) if (register_security(&selinux_ops)) panic("SELinux: Unable to register with kernel.\n"); + if (avc_add_callback(selinux_netcache_avc_callback, AVC_CALLBACK_RESET)) + panic("SELinux: Unable to register AVC netcache callback\n"); + if (selinux_enforcing) printk(KERN_DEBUG "SELinux: Starting in enforcing mode\n"); else |